Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user’s risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.

How to read the report | Suppressing false positives | Getting Help: google group | github issues

Project: headerbuddy

Scan Information (show all):

Display: Showing Vulnerable Dependencies (click to show all)

Dependency CPE GAV Highest Severity CVE Count CPE Confidence Evidence Count
spring-boot-1.5.8.RELEASE.jar org.springframework.boot:spring-boot:1.5.8.RELEASE    0 32
spring-boot-autoconfigure-1.5.8.RELEASE.jar org.springframework.boot:spring-boot-autoconfigure:1.5.8.RELEASE    0 32
jul-to-slf4j-1.7.25.jar org.slf4j:jul-to-slf4j:1.7.25    0 30
log4j-over-slf4j-1.7.25.jar org.slf4j:log4j-over-slf4j:1.7.25    0 31
spring-boot-starter-logging-1.5.8.RELEASE.jar org.springframework.boot:spring-boot-starter-logging:1.5.8.RELEASE    0 32
snakeyaml-1.17.jar org.yaml:snakeyaml:1.17    0 27
spring-boot-starter-1.5.8.RELEASE.jar org.springframework.boot:spring-boot-starter:1.5.8.RELEASE    0 32
tomcat-annotations-api-8.5.23.jar cpe:/a:apache_software_foundation:tomcat:8.5.23
cpe:/a:apache_tomcat:apache_tomcat:8.5.23
cpe:/a:apache:tomcat:8.5.23
org.apache.tomcat:tomcat-annotations-api:8.5.23  High 3 Low 19
tomcat-embed-core-8.5.23.jar cpe:/a:apache_software_foundation:tomcat:8.5.23
cpe:/a:apache_tomcat:apache_tomcat:8.5.23
cpe:/a:apache:tomcat:8.5.23
org.apache.tomcat.embed:tomcat-embed-core:8.5.23    0 Low 21
spring-boot-starter-tomcat-1.5.8.RELEASE.jar org.springframework.boot:spring-boot-starter-tomcat:1.5.8.RELEASE    0 32
validation-api-1.1.0.Final.jar javax.validation:validation-api:1.1.0.Final    0 22
jboss-logging-3.3.1.Final.jar org.jboss.logging:jboss-logging:3.3.1.Final    0 42
classmate-1.3.4.jar com.fasterxml:classmate:1.3.4    0 45
hibernate-validator-5.3.5.Final.jar cpe:/a:hibernate:hibernate_validator:5.3.5 org.hibernate:hibernate-validator:5.3.5.Final    0 Low 34
spring-boot-starter-web-1.5.8.RELEASE.jar org.springframework.boot:spring-boot-starter-web:1.5.8.RELEASE    0 32
aspectjweaver-1.8.11.jar org.aspectj:aspectjweaver:1.8.11    0 25
spring-boot-starter-aop-1.5.8.RELEASE.jar org.springframework.boot:spring-boot-starter-aop:1.5.8.RELEASE    0 32
tomcat-juli-8.5.23.jar cpe:/a:apache_software_foundation:tomcat:8.5.23 org.apache.tomcat:tomcat-juli:8.5.23    0 Low 21
spring-boot-starter-jdbc-1.5.8.RELEASE.jar org.springframework.boot:spring-boot-starter-jdbc:1.5.8.RELEASE    0 32
hibernate-jpa-2.1-api-1.0.0.Final.jar org.hibernate.javax.persistence:hibernate-jpa-2.1-api:1.0.0.Final    0 24
antlr-2.7.7.jar antlr:antlr:2.7.7    0 18
jandex-2.0.0.Final.jar org.jboss:jandex:2.0.0.Final    0 38
dom4j-1.6.1.jar dom4j:dom4j:1.6.1    0 28
hibernate-commons-annotations-5.0.1.Final.jar org.hibernate.common:hibernate-commons-annotations:5.0.1.Final    0 30
hibernate-core-5.0.12.Final.jar org.hibernate:hibernate-core:5.0.12.Final    0 35
hibernate-entitymanager-5.0.12.Final.jar org.hibernate:hibernate-entitymanager:5.0.12.Final    0 35
javax.transaction-api-1.2.jar javax.transaction:javax.transaction-api:1.2    0 38
spring-data-commons-1.13.8.RELEASE.jar org.springframework.data:spring-data-commons:1.13.8.RELEASE    0 26
spring-tx-4.3.12.RELEASE.jar cpe:/a:vmware:springsource_spring_framework:4.3.12
cpe:/a:pivotal_software:spring_framework:4.3.12
cpe:/a:springsource:spring_framework:4.3.12
cpe:/a:pivotal:spring_framework:4.3.12
org.springframework:spring-tx:4.3.12.RELEASE    0 Low 27
jcl-over-slf4j-1.7.25.jar org.slf4j:jcl-over-slf4j:1.7.25    0 31
spring-data-jpa-1.11.8.RELEASE.jar org.springframework.data:spring-data-jpa:1.11.8.RELEASE    0 30
spring-boot-starter-data-jpa-1.5.8.RELEASE.jar org.springframework.boot:spring-boot-starter-data-jpa:1.5.8.RELEASE    0 32
jackson-core-2.8.10.jar cpe:/a:fasterxml:jackson:2.8.10 com.fasterxml.jackson.core:jackson-core:2.8.10    0 Low 39
jackson-annotations-2.8.0.jar cpe:/a:fasterxml:jackson:2.8.0 com.fasterxml.jackson.core:jackson-annotations:2.8.0    0 Highest 39
stax2-api-3.1.4.jar org.codehaus.woodstox:stax2-api:3.1.4    0 29
woodstox-core-5.0.3.jar com.fasterxml.woodstox:woodstox-core:5.0.3    0 43
guava-20.0.jar com.google.guava:guava:20.0    0 29
javassist-3.21.0-GA.jar org.javassist:javassist:3.21.0-GA    0 29
reflections-0.9.11.jar org.reflections:reflections:0.9.11    0 25
javax.ws.rs-api-2.0.1.jar cpe:/a:restful_web_services_project:restful_web_services:2.0.1
cpe:/a:restful_project:restful:2.0.1
javax.ws.rs:javax.ws.rs-api:2.0.1    0 Low 36
javax.annotation-api-1.2.jar javax.annotation:javax.annotation-api:1.2    0 38
jersey-guava-2.25.1.jar org.glassfish.jersey.bundles.repackaged:jersey-guava:2.25.1    0 27
osgi-resource-locator-1.0.1.jar org.glassfish.hk2:osgi-resource-locator:1.0.1    0 27
jersey-common-2.25.1.jar org.glassfish.jersey.core:jersey-common:2.25.1    0 27
hk2-utils-2.5.0-b32.jar org.glassfish.hk2:hk2-utils:2.5.0-b32    0 23
aopalliance-repackaged-2.5.0-b32.jar org.glassfish.hk2.external:aopalliance-repackaged:2.5.0-b32    0 25
hk2-api-2.5.0-b32.jar org.glassfish.hk2:hk2-api:2.5.0-b32    0 27
javax.inject-2.5.0-b32.jar org.glassfish.hk2.external:javax.inject:2.5.0-b32    0 27
hk2-locator-2.5.0-b32.jar org.glassfish.hk2:hk2-locator:2.5.0-b32    0 27
jersey-client-2.25.1.jar org.glassfish.jersey.core:jersey-client:2.25.1    0 27
jersey-apache-connector-2.22.2.jar org.glassfish.jersey.connectors:jersey-apache-connector:2.22.2    0 27
jersey-entity-filtering-2.25.1.jar org.glassfish.jersey.ext:jersey-entity-filtering:2.25.1    0 27
jersey-media-json-jackson-2.25.1.jar org.glassfish.jersey.media:jersey-media-json-jackson:2.25.1    0 27
commons-compress-1.9.jar cpe:/a:apache:commons-compress:1.9 org.apache.commons:commons-compress:1.9    0 Low 39
commons-io-2.5.jar commons-io:commons-io:2.5    0 40
commons-codec-1.10.jar commons-codec:commons-codec:1.10    0 38
httpclient-4.5.3.jar cpe:/a:apache:httpclient:4.5.3 org.apache.httpcomponents:httpclient:4.5.3    0 Low 32
httpcore-4.4.8.jar org.apache.httpcomponents:httpcore:4.4.8    0 34
jffi-1.2.9.jar com.github.jnr:jffi:1.2.9    0 21
jffi-1.2.9-native.jar com.github.jnr:jffi:1.2.9    0 9
asm-commons-5.0.3.jar org.ow2.asm:asm-commons:5.0.3    0 28
asm-analysis-5.0.3.jar org.ow2.asm:asm-analysis:5.0.3    0 28
asm-tree-5.0.3.jar org.ow2.asm:asm-tree:5.0.3    0 28
asm-util-5.0.3.jar org.ow2.asm:asm-util:5.0.3    0 28
jnr-x86asm-1.0.2.jar com.github.jnr:jnr-x86asm:1.0.2    0 21
jnr-ffi-2.0.3.jar com.github.jnr:jnr-ffi:2.0.3    0 23
jnr-constants-0.8.7.jar cpe:/a:values_project:values:0.8.7 com.github.jnr:jnr-constants:0.8.7    0 Low 23
jnr-enxio-0.9.jar com.github.jnr:jnr-enxio:0.9    0 23
jnr-posix-3.0.12.jar com.github.jnr:jnr-posix:3.0.12    0 17
jnr-unixsocket-0.8.jar com.github.jnr:jnr-unixsocket:0.8    0 21
commons-lang-2.6.jar commons-lang:commons-lang:2.6    0 34
bcprov-jdk15on-1.52.jar cpe:/a:bouncycastle:bouncy_castle_crypto_package:1.52
cpe:/a:bouncycastle:bouncy-castle-crypto-package:1.52
org.bouncycastle:bcprov-jdk15on:1.52    0 Low 41
bcpkix-jdk15on-1.52.jar org.bouncycastle:bcpkix-jdk15on:1.52    0 41
logback-core-1.1.11.jar cpe:/a:logback:logback:1.1.11 ch.qos.logback:logback-core:1.1.11    0 Low 30
docker-client-8.7.1-shaded.jar cpe:/a:docker:docker:8.7.1 com.spotify:docker-client:8.7.1  Medium 1 Low 15
google-auth-library-credentials-0.6.0.jar com.google.auth:google-auth-library-credentials:0.6.0    0 21
jsr305-1.3.9.jar com.google.code.findbugs:jsr305:1.3.9    0 21
google-http-client-1.19.0.jar com.google.http-client:google-http-client:1.19.0    0 24
google-http-client-jackson2-1.19.0.jar com.google.http-client:google-http-client-jackson2:1.19.0    0 22
google-auth-library-oauth2-http-0.6.0.jar com.google.auth:google-auth-library-oauth2-http:0.6.0    0 23
config-1.2.0.jar com.typesafe:config:1.2.0    0 23
maven-model-3.3.3.jar org.apache.maven:maven-model:3.3.3    0 26
maven-settings-3.3.3.jar org.apache.maven:maven-settings:3.3.3    0 26
maven-builder-support-3.3.3.jar org.apache.maven:maven-builder-support:3.3.3    0 26
maven-settings-builder-3.3.3.jar org.apache.maven:maven-settings-builder:3.3.3    0 26
maven-repository-metadata-3.3.3.jar org.apache.maven:maven-repository-metadata:3.3.3    0 26
maven-plugin-api-3.3.3.jar org.apache.maven:maven-plugin-api:3.3.3    0 26
maven-model-builder-3.3.3.jar org.apache.maven:maven-model-builder:3.3.3    0 26
aether-spi-1.0.2.v20150114.jar org.eclipse.aether:aether-spi:1.0.2.v20150114    0 29
maven-aether-provider-3.3.3.jar org.apache.maven:maven-aether-provider:3.3.3    0 26
aether-impl-1.0.2.v20150114.jar org.eclipse.aether:aether-impl:1.0.2.v20150114    0 29
aether-api-1.0.2.v20150114.jar org.eclipse.aether:aether-api:1.0.2.v20150114    0 29
aether-util-1.0.2.v20150114.jar org.eclipse.aether:aether-util:1.0.2.v20150114    0 29
jsr250-api-1.0.jar javax.annotation:jsr250-api:1.0    0 20
cdi-api-1.0.jar javax.enterprise:cdi-api:1.0    0 26
org.eclipse.sisu.inject-0.3.0.jar org.eclipse.sisu:org.eclipse.sisu.inject:0.3.0    0 26
org.eclipse.sisu.plexus-0.3.0.jar org.eclipse.sisu:org.eclipse.sisu.plexus:0.3.0    0 26
javax.inject-1.jar javax.inject:javax.inject:1    0 20
aopalliance-1.0.jar aopalliance:aopalliance:1.0    0 20
sisu-guice-3.2.5-no_aop.jar org.sonatype.sisu:sisu-guice:3.2.5    0 30
plexus-interpolation-1.21.jar org.codehaus.plexus:plexus-interpolation:1.21    0 23
plexus-utils-3.0.20.jar org.codehaus.plexus:plexus-utils:3.0.20    0 27
plexus-classworlds-2.5.2.jar org.codehaus.plexus:plexus-classworlds:2.5.2    0 27
plexus-component-annotations-1.5.5.jar org.codehaus.plexus:plexus-component-annotations:1.5.5    0 26
plexus-cipher-1.4.jar org.sonatype.plexus:plexus-cipher:1.4    0 26
plexus-sec-dispatcher-1.3.jar org.sonatype.plexus:plexus-sec-dispatcher:1.3    0 26
maven-core-3.3.3.jar cpe:/a:apache:maven:3.3.3 org.apache.maven:maven-core:3.3.3    0 Low 26
maven-artifact-3.3.3.jar org.apache.maven:maven-artifact:3.3.3    0 24
jsch-0.1.46.jar cpe:/a:jcraft:jsch:0.1.46 com.jcraft:jsch:0.1.46  Medium 1 Low 25
JavaEWAH-0.5.6.jar com.googlecode.javaewah:JavaEWAH:0.5.6    0 19
org.eclipse.jgit-3.2.0.201312181205-r.jar org.eclipse.jgit:org.eclipse.jgit:3.2.0.201312181205-r    0 32
docker-maven-plugin-1.0.0.jar cpe:/a:docker:docker:1.0.0 com.spotify:docker-maven-plugin:1.0.0  High 11 Highest 21
mysql-connector-java-5.1.44.jar cpe:/a:oracle:mysql:5.1.44
cpe:/a:oracle:connector/j:5.1.44
cpe:/a:oracle:mysql_connectors:5.1.44
cpe:/a:sun:mysql_connector/j:5.1.44
cpe:/a:mysql:mysql:5.1.44
mysql:mysql-connector-java:5.1.44  High 444 Highest 36
jffi-1.2.9-native.jar: jffi-1.2.dll   0 4
jffi-1.2.9-native.jar: jffi-1.2.dll   0 4
docker-client-8.7.1-shaded.jar/META-INF/maven/com.fasterxml.jackson.core/jackson-core/pom.xml cpe:/a:fasterxml:jackson:2.8.8 com.fasterxml.jackson.core:jackson-core:2.8.8   0 Low 16
docker-client-8.7.1-shaded.jar/META-INF/maven/org.glassfish.jersey.core/jersey-client/pom.xml org.glassfish.jersey.core:jersey-client:2.22.2   0 13
docker-client-8.7.1-shaded.jar/META-INF/maven/org.glassfish.jersey.core/jersey-common/pom.xml org.glassfish.jersey.core:jersey-common:2.22.2   0 13
docker-client-8.7.1-shaded.jar/META-INF/maven/javax.annotation/javax.annotation-api/pom.xml cpe:/a:id:id-software:1.2 javax.annotation:javax.annotation-api:1.2   0 Low 20
docker-client-8.7.1-shaded.jar/META-INF/maven/org.glassfish.jersey.bundles.repackaged/jersey-guava/pom.xml org.glassfish.jersey.bundles.repackaged:jersey-guava:2.22.2   0 13
docker-client-8.7.1-shaded.jar/META-INF/maven/org.glassfish.hk2/hk2-api/pom.xml org.glassfish.hk2:hk2-api:2.4.0-b34   0 13
docker-client-8.7.1-shaded.jar/META-INF/maven/org.jvnet/tiger-types/pom.xml org.jvnet:tiger-types:1.4   0 12
docker-client-8.7.1-shaded.jar/META-INF/maven/org.glassfish.hk2/hk2-utils/pom.xml org.glassfish.hk2:hk2-utils:2.4.0-b34   0 13
docker-client-8.7.1-shaded.jar/META-INF/maven/org.glassfish.hk2.external/aopalliance-repackaged/pom.xml org.glassfish.hk2.external:aopalliance-repackaged:2.4.0-b34   0 11
docker-client-8.7.1-shaded.jar/META-INF/maven/org.glassfish.hk2.external/javax.inject/pom.xml org.glassfish.hk2.external:javax.inject:2.4.0-b34   0 13
docker-client-8.7.1-shaded.jar/META-INF/maven/org.glassfish.hk2/hk2-locator/pom.xml org.glassfish.hk2:hk2-locator:2.4.0-b34   0 13
docker-client-8.7.1-shaded.jar/META-INF/maven/org.glassfish.jersey.media/jersey-media-json-jackson/pom.xml org.glassfish.jersey.media:jersey-media-json-jackson:2.22.2   0 13
docker-client-8.7.1-shaded.jar/META-INF/maven/org.glassfish.jersey.ext/jersey-entity-filtering/pom.xml org.glassfish.jersey.ext:jersey-entity-filtering:2.22.2   0 13

Dependencies

spring-boot-1.5.8.RELEASE.jar

Description: Spring Boot

File Path: /root/.m2/repository/org/springframework/boot/spring-boot/1.5.8.RELEASE/spring-boot-1.5.8.RELEASE.jar
MD5: 675be87ce49c0b8ace3ebfcf984c11e8
SHA1: 748ebde51761e12627ad23d064024f342b18f9b4
Referenced In Project/Scope: headerbuddy:compile

Identifiers

spring-boot-autoconfigure-1.5.8.RELEASE.jar

Description: Spring Boot AutoConfigure

File Path: /root/.m2/repository/org/springframework/boot/spring-boot-autoconfigure/1.5.8.RELEASE/spring-boot-autoconfigure-1.5.8.RELEASE.jar
MD5: 883725f77818b4142ae082cbcd95b86b
SHA1: e4f2efa4c319f4e3613d94fbccfdb5ccda6873e3
Referenced In Project/Scope: headerbuddy:compile

Identifiers

jul-to-slf4j-1.7.25.jar

Description: JUL to SLF4J bridge

File Path: /root/.m2/repository/org/slf4j/jul-to-slf4j/1.7.25/jul-to-slf4j-1.7.25.jar
MD5: ab28124cb05fec600f2ffe37b94629e0
SHA1: 0af5364cd6679bfffb114f0dec8a157aaa283b76
Referenced In Project/Scope: headerbuddy:compile

Identifiers

log4j-over-slf4j-1.7.25.jar

Description: Log4j implemented over SLF4J

License:

Apache Software Licenses: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /root/.m2/repository/org/slf4j/log4j-over-slf4j/1.7.25/log4j-over-slf4j-1.7.25.jar
MD5: fb818c7981d842875905587a61f2b942
SHA1: a87bb47468f47ee7aabbd54f93e133d4215769c3
Referenced In Project/Scope: headerbuddy:compile

Identifiers

spring-boot-starter-logging-1.5.8.RELEASE.jar

Description: Starter for logging using Logback. Default logging starter

File Path: /root/.m2/repository/org/springframework/boot/spring-boot-starter-logging/1.5.8.RELEASE/spring-boot-starter-logging-1.5.8.RELEASE.jar
MD5: 0382e6357210ce235ec4f7a6fbb78d9b
SHA1: ebc00a0e46753d90431fdcc5e3d6b9fd3bf1564a
Referenced In Project/Scope: headerbuddy:compile

Identifiers

snakeyaml-1.17.jar

Description: YAML 1.1 parser and emitter for Java

License:

Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /root/.m2/repository/org/yaml/snakeyaml/1.17/snakeyaml-1.17.jar
MD5: ab621c3cee316236ad04a6f0fe4dd17c
SHA1: 7a27ea250c5130b2922b86dea63cbb1cc10a660c
Referenced In Project/Scope: headerbuddy:runtime

Identifiers

spring-boot-starter-1.5.8.RELEASE.jar

Description: Core starter, including auto-configuration support, logging and YAML

File Path: /root/.m2/repository/org/springframework/boot/spring-boot-starter/1.5.8.RELEASE/spring-boot-starter-1.5.8.RELEASE.jar
MD5: f1f15b6c0c1d8d0b3396eb02143e6aec
SHA1: 18048efe1f06569022a53cc3fb2fe9c0162935a3
Referenced In Project/Scope: headerbuddy:compile

Identifiers

tomcat-annotations-api-8.5.23.jar

Description: Annotations Package

License:

Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /root/.m2/repository/org/apache/tomcat/tomcat-annotations-api/8.5.23/tomcat-annotations-api-8.5.23.jar
MD5: a176f33b5656eb44675aacb1f50e8468
SHA1: aaf17df9fe0240e9e9d5375d24d5f177174b73d9
Referenced In Project/Scope: headerbuddy:compile

Identifiers

CVE-2016-5425  

Severity: High
CVSS Score: 7.2 (AV:L/AC:L/Au:N/C:C/I:C/A:C)
CWE: CWE-264 Permissions, Privileges, and Access Controls

The Tomcat package on Red Hat Enterprise Linux (RHEL) 7, Fedora, CentOS, Oracle Linux, and possibly other Linux distributions uses weak permissions for /usr/lib/tmpfiles.d/tomcat.conf, which allows local users to gain root privileges by leveraging membership in the tomcat group.

Vulnerable Software & Versions:

CVE-2016-6325  

Severity: High
CVSS Score: 7.2 (AV:L/AC:L/Au:N/C:C/I:C/A:C)
CWE: CWE-264 Permissions, Privileges, and Access Controls

The Tomcat package on Red Hat Enterprise Linux (RHEL) 5 through 7, JBoss Web Server 3.0, and JBoss EWS 2 uses weak permissions for (1) /etc/sysconfig/tomcat and (2) /etc/tomcat/tomcat.conf, which allows local users to gain privileges by leveraging membership in the tomcat group.

Vulnerable Software & Versions:

CVE-2017-6056  

Severity: Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CWE: CWE-19 Data Handling

It was discovered that a programming error in the processing of HTTPS requests in the Apache Tomcat servlet and JSP engine may result in denial of service via an infinite loop. The denial of service is easily achievable as a consequence of backporting a CVE-2016-6816 fix but not backporting the fix for Tomcat bug 57544. Distributions affected by this backporting issue include Debian (before 7.0.56-3+deb8u8 and 8.0.14-1+deb8u7 in jessie) and Ubuntu.

Vulnerable Software & Versions:

tomcat-embed-core-8.5.23.jar

Description: Core Tomcat implementation

License:

Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /root/.m2/repository/org/apache/tomcat/embed/tomcat-embed-core/8.5.23/tomcat-embed-core-8.5.23.jar
MD5: ae9430c1a4fc4d0d8eee4f33f2f4da00
SHA1: 79261793a47f507890ee08f749b9d81774e4f7f0
Referenced In Project/Scope: headerbuddy:compile

Identifiers

spring-boot-starter-tomcat-1.5.8.RELEASE.jar

Description: Starter for using Tomcat as the embedded servlet container. Default servlet container starter used by spring-boot-starter-web

File Path: /root/.m2/repository/org/springframework/boot/spring-boot-starter-tomcat/1.5.8.RELEASE/spring-boot-starter-tomcat-1.5.8.RELEASE.jar
MD5: f503ff9955fc1afc2e8419fd24750bbd
SHA1: cf3b7eb7e192a60ab1dd09e4f8bce82710a5feb0
Referenced In Project/Scope: headerbuddy:compile

Identifiers

validation-api-1.1.0.Final.jar

Description:  Bean Validation API

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /root/.m2/repository/javax/validation/validation-api/1.1.0.Final/validation-api-1.1.0.Final.jar
MD5: 4c257f52462860b62ab3cdab45f53082
SHA1: 8613ae82954779d518631e05daa73a6a954817d5
Referenced In Project/Scope: headerbuddy:compile

Identifiers

jboss-logging-3.3.1.Final.jar

Description: The JBoss Logging Framework

License:

Apache License, version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /root/.m2/repository/org/jboss/logging/jboss-logging/3.3.1.Final/jboss-logging-3.3.1.Final.jar
MD5: 93cf8945ff84aaf9f0ed9a76991338fb
SHA1: c46217ab74b532568c0ed31dc599db3048bd1b67
Referenced In Project/Scope: headerbuddy:compile

Identifiers

classmate-1.3.4.jar

Description: Library for introspecting types with full generic information including resolving of field and method types.

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /root/.m2/repository/com/fasterxml/classmate/1.3.4/classmate-1.3.4.jar
MD5: 1e2e0fcc510753882683417e01895242
SHA1: 03d5f48f10bbe4eb7bd862f10c0583be2e0053c6
Referenced In Project/Scope: headerbuddy:compile

Identifiers

hibernate-validator-5.3.5.Final.jar

Description: Hibernate's Bean Validation (JSR-303) reference implementation.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /root/.m2/repository/org/hibernate/hibernate-validator/5.3.5.Final/hibernate-validator-5.3.5.Final.jar
MD5: bd241d9104768ad5ef698d58534c0bce
SHA1: 0622a9bcef2eed6d41b5b8e0662c36212009e375
Referenced In Project/Scope: headerbuddy:compile

Identifiers

spring-boot-starter-web-1.5.8.RELEASE.jar

Description: Starter for building web, including RESTful, applications using Spring MVC. Uses Tomcat as the default embedded container

File Path: /root/.m2/repository/org/springframework/boot/spring-boot-starter-web/1.5.8.RELEASE/spring-boot-starter-web-1.5.8.RELEASE.jar
MD5: 438d727721706551127010b294431fb5
SHA1: 7e0dc79e3b47be4539ad3c033639133ae6b7a17e
Referenced In Project/Scope: headerbuddy:compile

Identifiers

aspectjweaver-1.8.11.jar

Description: The AspectJ weaver introduces advices to java classes

License:

Eclipse Public License - v 1.0: http://www.eclipse.org/legal/epl-v10.html
File Path: /root/.m2/repository/org/aspectj/aspectjweaver/1.8.11/aspectjweaver-1.8.11.jar
MD5: 2ac279a567760707bb62fd7e03197dfe
SHA1: 9807e0e13c8a295f15882721db50fa3d142c44a9
Referenced In Project/Scope: headerbuddy:compile

Identifiers

spring-boot-starter-aop-1.5.8.RELEASE.jar

Description: Starter for aspect-oriented programming with Spring AOP and AspectJ

File Path: /root/.m2/repository/org/springframework/boot/spring-boot-starter-aop/1.5.8.RELEASE/spring-boot-starter-aop-1.5.8.RELEASE.jar
MD5: fe2b34c575e1bdf72458305aca73006d
SHA1: 9bc9a40e0718726ed48f6becc509b2d186f1ebcc
Referenced In Project/Scope: headerbuddy:compile

Identifiers

tomcat-juli-8.5.23.jar

Description: Tomcat Core Logging Package

License:

Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /root/.m2/repository/org/apache/tomcat/tomcat-juli/8.5.23/tomcat-juli-8.5.23.jar
MD5: 359c91b465359dbec89664c14c8ca465
SHA1: 98e7f0610b7b2fb8303f11be0210e3f5a56a7d55
Referenced In Project/Scope: headerbuddy:compile

Identifiers

spring-boot-starter-jdbc-1.5.8.RELEASE.jar

Description: Starter for using JDBC with the Tomcat JDBC connection pool

File Path: /root/.m2/repository/org/springframework/boot/spring-boot-starter-jdbc/1.5.8.RELEASE/spring-boot-starter-jdbc-1.5.8.RELEASE.jar
MD5: f7ded0503dea0401eb4941eba8f944df
SHA1: fc98631eba9817c920b9ac1c5845214f49637a33
Referenced In Project/Scope: headerbuddy:compile

Identifiers

hibernate-jpa-2.1-api-1.0.0.Final.jar

Description: Clean-room definition of JPA APIs intended for use in developing Hibernate JPA implementation. See README.md for details

License:

Eclipse Public License (EPL), Version 1.0: http://www.eclipse.org/legal/epl-v10.html
Eclipse Distribution License (EDL), Version 1.0: http://www.eclipse.org/org/documents/edl-v10.php
File Path: /root/.m2/repository/org/hibernate/javax/persistence/hibernate-jpa-2.1-api/1.0.0.Final/hibernate-jpa-2.1-api-1.0.0.Final.jar
MD5: 01b091825023c97fdfd6d2bceebe03ff
SHA1: 5e731d961297e5a07290bfaf3db1fbc8bbbf405a
Referenced In Project/Scope: headerbuddy:compile

Identifiers

antlr-2.7.7.jar

Description:  A framework for constructing recognizers, compilers, and translators from grammatical descriptions containing Java, C#, C++, or Python actions.

License:

BSD License: http://www.antlr.org/license.html
File Path: /root/.m2/repository/antlr/antlr/2.7.7/antlr-2.7.7.jar
MD5: f8f1352c52a4c6a500b597596501fc64
SHA1: 83cd2cd674a217ade95a4bb83a8a14f351f48bd0
Referenced In Project/Scope: headerbuddy:compile

Identifiers

jandex-2.0.0.Final.jar

Description: Parent POM for JBoss projects. Provides default project build configuration.

License:

Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /root/.m2/repository/org/jboss/jandex/2.0.0.Final/jandex-2.0.0.Final.jar
MD5: a76f6c70f99b5d9c6cd14180df0b6df1
SHA1: 3e899258936f94649c777193e1be846387ed54b3
Referenced In Project/Scope: headerbuddy:compile

Identifiers

dom4j-1.6.1.jar

Description: dom4j: the flexible XML framework for Java

File Path: /root/.m2/repository/dom4j/dom4j/1.6.1/dom4j-1.6.1.jar
MD5: 4d8f51d3fe3900efc6e395be48030d6d
SHA1: 5d3ccc056b6f056dbf0dddfdf43894b9065a8f94
Referenced In Project/Scope: headerbuddy:compile

Identifiers

hibernate-commons-annotations-5.0.1.Final.jar

Description: Common reflection code used in support of annotation processing

License:

GNU Lesser General Public License: http://www.gnu.org/licenses/lgpl-2.1.html
File Path: /root/.m2/repository/org/hibernate/common/hibernate-commons-annotations/5.0.1.Final/hibernate-commons-annotations-5.0.1.Final.jar
MD5: 2a9d6f5a4ece96557bc4300ecc4486fb
SHA1: 71e1cff3fcb20d3b3af4f3363c3ddb24d33c6879
Referenced In Project/Scope: headerbuddy:compile

Identifiers

hibernate-core-5.0.12.Final.jar

Description: The core O/RM functionality as provided by Hibernate

License:

GNU Lesser General Public License: http://www.gnu.org/licenses/lgpl-2.1.html
File Path: /root/.m2/repository/org/hibernate/hibernate-core/5.0.12.Final/hibernate-core-5.0.12.Final.jar
MD5: 226c1afa3e0a7213400b0fd55d6f3b61
SHA1: e58bf1c660e6706d8e2cbb53bae110f574366102
Referenced In Project/Scope: headerbuddy:compile

Identifiers

hibernate-entitymanager-5.0.12.Final.jar

Description: Hibernate O/RM implementation of the JPA specification

License:

GNU Lesser General Public License: http://www.gnu.org/licenses/lgpl-2.1.html
File Path: /root/.m2/repository/org/hibernate/hibernate-entitymanager/5.0.12.Final/hibernate-entitymanager-5.0.12.Final.jar
MD5: bd685c02dd805104726721411207e885
SHA1: 302a526f5058290e9cbd719a5caf9f248d344719
Referenced In Project/Scope: headerbuddy:compile

Identifiers

javax.transaction-api-1.2.jar

Description: Project GlassFish Java Transaction API

License:

CDDL + GPLv2 with classpath exception: https://glassfish.dev.java.net/nonav/public/CDDL+GPL.html
File Path: /root/.m2/repository/javax/transaction/javax.transaction-api/1.2/javax.transaction-api-1.2.jar
MD5: 2dfee184286530e726ad155816e15b4c
SHA1: d81aff979d603edd90dcd8db2abc1f4ce6479e3e
Referenced In Project/Scope: headerbuddy:compile

Identifiers

spring-data-commons-1.13.8.RELEASE.jar

File Path: /root/.m2/repository/org/springframework/data/spring-data-commons/1.13.8.RELEASE/spring-data-commons-1.13.8.RELEASE.jar
MD5: 41b6ce6edafc9db13a523c78b3c4e19a
SHA1: 2853e3c38e02d42529f6c8b247d7bace40c25642
Referenced In Project/Scope: headerbuddy:compile

Identifiers

spring-tx-4.3.12.RELEASE.jar

Description: Spring Transaction

License:

Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0
File Path: /root/.m2/repository/org/springframework/spring-tx/4.3.12.RELEASE/spring-tx-4.3.12.RELEASE.jar
MD5: 65bb5f31f3254fc6d278ed8453583416
SHA1: 7147b6839b2bf9db3621b79c73b4dddbe69572b6
Referenced In Project/Scope: headerbuddy:compile

Identifiers

  • cpe: cpe:/a:vmware:springsource_spring_framework:4.3.12   Confidence:Low   
  • cpe: cpe:/a:pivotal_software:spring_framework:4.3.12   Confidence:Low   
  • maven: org.springframework:spring-tx:4.3.12.RELEASE    Confidence:Highest
  • cpe: cpe:/a:springsource:spring_framework:4.3.12   Confidence:Low   
  • cpe: cpe:/a:pivotal:spring_framework:4.3.12   Confidence:Low   

jcl-over-slf4j-1.7.25.jar

Description: JCL 1.2 implemented over SLF4J

File Path: /root/.m2/repository/org/slf4j/jcl-over-slf4j/1.7.25/jcl-over-slf4j-1.7.25.jar
MD5: 56b22adc639b09b2e917f42d68b26600
SHA1: f8c32b13ff142a513eeb5b6330b1588dcb2c0461
Referenced In Project/Scope: headerbuddy:compile

Identifiers

spring-data-jpa-1.11.8.RELEASE.jar

Description: Spring Data module for JPA repositories.

File Path: /root/.m2/repository/org/springframework/data/spring-data-jpa/1.11.8.RELEASE/spring-data-jpa-1.11.8.RELEASE.jar
MD5: edace70f681e79388d3376995f5ca123
SHA1: d674b8407de3d2998c106557fd6a6665de2bc217
Referenced In Project/Scope: headerbuddy:compile

Identifiers

spring-boot-starter-data-jpa-1.5.8.RELEASE.jar

Description: Starter for using Spring Data JPA with Hibernate

File Path: /root/.m2/repository/org/springframework/boot/spring-boot-starter-data-jpa/1.5.8.RELEASE/spring-boot-starter-data-jpa-1.5.8.RELEASE.jar
MD5: adba5d9107ec66d2ae7fd12d33d7d3ed
SHA1: 55bb5e8aea5707f79ee9888ad75261a7b7df4654
Referenced In Project/Scope: headerbuddy:compile

Identifiers

jackson-core-2.8.10.jar

Description: Core Jackson abstractions, basic JSON streaming API implementation

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /root/.m2/repository/com/fasterxml/jackson/core/jackson-core/2.8.10/jackson-core-2.8.10.jar
MD5: de528504165730b13b66f461a85b341e
SHA1: eb21a035c66ad307e66ec8fce37f5d50fd62d039
Referenced In Project/Scope: headerbuddy:compile

Identifiers

jackson-annotations-2.8.0.jar

Description: Core annotations used for value types, used by Jackson data binding package.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /root/.m2/repository/com/fasterxml/jackson/core/jackson-annotations/2.8.0/jackson-annotations-2.8.0.jar
MD5: 288e6537849f0c63e76409b515c4fbe4
SHA1: 45b426f7796b741035581a176744d91090e2e6fb
Referenced In Project/Scope: headerbuddy:compile

Identifiers

stax2-api-3.1.4.jar

Description: tax2 API is an extension to basic Stax 1.0 API that adds significant new functionality, such as full-featured bi-direction validation interface and high-performance Typed Access API.

License:

The BSD License: http://www.opensource.org/licenses/bsd-license.php
File Path: /root/.m2/repository/org/codehaus/woodstox/stax2-api/3.1.4/stax2-api-3.1.4.jar
MD5: c08e89de601b0a78f941b2c29db565c3
SHA1: ac19014b1e6a7c08aad07fe114af792676b685b7
Referenced In Project/Scope: headerbuddy:compile

Identifiers

woodstox-core-5.0.3.jar

Description:  Woodstox is a high-performance XML processor that implements Stax (JSR-173), SAX2 and Stax2 APIs

License:

The Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /root/.m2/repository/com/fasterxml/woodstox/woodstox-core/5.0.3/woodstox-core-5.0.3.jar
MD5: 8b151bd3d262d9c07e0384b7cc6c4cd9
SHA1: 10aa199207fda142eff01cd61c69244877d71770
Referenced In Project/Scope: headerbuddy:compile

Identifiers

guava-20.0.jar

Description:  Guava is a suite of core and expanded libraries that include utility classes, google's collections, io classes, and much much more. Guava has only one code dependency - javax.annotation, per the JSR-305 spec.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /root/.m2/repository/com/google/guava/guava/20.0/guava-20.0.jar
MD5: f32a8a2524620dbecc9f6bf6a20c293f
SHA1: 89507701249388e1ed5ddcf8c41f4ce1be7831ef
Referenced In Project/Scope: headerbuddy:compile

Identifiers

javassist-3.21.0-GA.jar

Description:  Javassist (JAVA programming ASSISTant) makes Java bytecode manipulation simple. It is a class library for editing bytecodes in Java.

License:

MPL 1.1: http://www.mozilla.org/MPL/MPL-1.1.html
LGPL 2.1: http://www.gnu.org/licenses/lgpl-2.1.html
Apache License 2.0: http://www.apache.org/licenses/
File Path: /root/.m2/repository/org/javassist/javassist/3.21.0-GA/javassist-3.21.0-GA.jar
MD5: 3dba2305f842c2891df0a0926e18bcfa
SHA1: 598244f595db5c5fb713731eddbb1c91a58d959b
Referenced In Project/Scope: headerbuddy:compile

Identifiers

reflections-0.9.11.jar

Description: Reflections - a Java runtime metadata analysis

License:

WTFPL: http://www.wtfpl.net/
The New BSD License: http://www.opensource.org/licenses/bsd-license.html
File Path: /root/.m2/repository/org/reflections/reflections/0.9.11/reflections-0.9.11.jar
MD5: aca303b243a6c2225685b992ceea1cb3
SHA1: 4c686033d918ec1727e329b7222fcb020152e32b
Referenced In Project/Scope: headerbuddy:compile

Identifiers

javax.ws.rs-api-2.0.1.jar

Description: Java API for RESTful Web Services (JAX-RS)

License:

CDDL 1.1: http://glassfish.java.net/public/CDDL+GPL_1_1.html
GPL2 w/ CPE: http://glassfish.java.net/public/CDDL+GPL_1_1.html
File Path: /root/.m2/repository/javax/ws/rs/javax.ws.rs-api/2.0.1/javax.ws.rs-api-2.0.1.jar
MD5: edcd111cf4d3ba8ac8e1f326efc37a17
SHA1: 104e9c2b5583cfcfeac0402316221648d6d8ea6b
Referenced In Project/Scope: headerbuddy:compile

Identifiers

  • cpe: cpe:/a:restful_web_services_project:restful_web_services:2.0.1   Confidence:Low   
  • maven: javax.ws.rs:javax.ws.rs-api:2.0.1    Confidence:Highest
  • cpe: cpe:/a:restful_project:restful:2.0.1   Confidence:Low   

javax.annotation-api-1.2.jar

Description: Common Annotations for the JavaTM Platform API

License:

CDDL + GPLv2 with classpath exception: https://glassfish.dev.java.net/nonav/public/CDDL+GPL.html
File Path: /root/.m2/repository/javax/annotation/javax.annotation-api/1.2/javax.annotation-api-1.2.jar
MD5: 75fe320d2b3763bd6883ae1ede35e987
SHA1: 479c1e06db31c432330183f5cae684163f186146
Referenced In Project/Scope: headerbuddy:compile

Identifiers

jersey-guava-2.25.1.jar

Description: Jersey Guava Repackaged

License:

http://glassfish.java.net/public/CDDL+GPL_1_1.html
File Path: /root/.m2/repository/org/glassfish/jersey/bundles/repackaged/jersey-guava/2.25.1/jersey-guava-2.25.1.jar
MD5: 08dc8642c4e990b054882cb4f422f88b
SHA1: a2bb4f8208e134cf2cf71dfb8824e42942f7bd06
Referenced In Project/Scope: headerbuddy:compile

Identifiers

osgi-resource-locator-1.0.1.jar

Description:  See http://wiki.glassfish.java.net/Wiki.jsp?page=JdkSpiOsgi for more information

License:

https://glassfish.dev.java.net/nonav/public/CDDL+GPL.html
File Path: /root/.m2/repository/org/glassfish/hk2/osgi-resource-locator/1.0.1/osgi-resource-locator-1.0.1.jar
MD5: 51e70ad8fc9d1e9fb19debeb55555b75
SHA1: 4ed2b2d4738aed5786cfa64cba5a332779c4c708
Referenced In Project/Scope: headerbuddy:compile

Identifiers

jersey-common-2.25.1.jar

Description: Jersey core common packages

License:

http://glassfish.java.net/public/CDDL+GPL_1_1.html
File Path: /root/.m2/repository/org/glassfish/jersey/core/jersey-common/2.25.1/jersey-common-2.25.1.jar
MD5: d1f25f421cafb38efb49e2fef0799339
SHA1: 2438ce68d4907046095ab54aa83a6092951b4bbb
Referenced In Project/Scope: headerbuddy:compile

Identifiers

hk2-utils-2.5.0-b32.jar

Description: HK2 Implementation Utilities

License:

https://glassfish.java.net/nonav/public/CDDL+GPL_1_1.html
File Path: /root/.m2/repository/org/glassfish/hk2/hk2-utils/2.5.0-b32/hk2-utils-2.5.0-b32.jar
MD5: acc873aece4f8e89814ac0300b549e3e
SHA1: 5108a926988c4ceda7f1e681dddfe3101454a002
Referenced In Project/Scope: headerbuddy:compile

Identifiers

aopalliance-repackaged-2.5.0-b32.jar

Description: Dependency Injection Kernel

License:

https://glassfish.java.net/nonav/public/CDDL+GPL_1_1.html
File Path: /root/.m2/repository/org/glassfish/hk2/external/aopalliance-repackaged/2.5.0-b32/aopalliance-repackaged-2.5.0-b32.jar
MD5: 99809f55109881865ce8b47f03522fb6
SHA1: 6af37c3f8ec6f9e9653ec837eb508da28ce443cd
Referenced In Project/Scope: headerbuddy:compile

Identifiers

hk2-api-2.5.0-b32.jar

Description: ${project.name}

License:

https://glassfish.java.net/nonav/public/CDDL+GPL_1_1.html
File Path: /root/.m2/repository/org/glassfish/hk2/hk2-api/2.5.0-b32/hk2-api-2.5.0-b32.jar
MD5: 93322931c4ec277c5190c7cddf7ad155
SHA1: 6a576c9653832ce610b80a2f389374ef19d96171
Referenced In Project/Scope: headerbuddy:compile

Identifiers

javax.inject-2.5.0-b32.jar

Description: Injection API (JSR 330) version ${javax.inject.version} repackaged as OSGi bundle

License:

https://glassfish.java.net/nonav/public/CDDL+GPL_1_1.html
File Path: /root/.m2/repository/org/glassfish/hk2/external/javax.inject/2.5.0-b32/javax.inject-2.5.0-b32.jar
MD5: b7e8633eb1e5aad9f44a37a3f3bfa8f5
SHA1: b2fa50c8186a38728c35fe6a9da57ce4cc806923
Referenced In Project/Scope: headerbuddy:compile

Identifiers

hk2-locator-2.5.0-b32.jar

Description: ${project.name}

License:

https://glassfish.java.net/nonav/public/CDDL+GPL_1_1.html
File Path: /root/.m2/repository/org/glassfish/hk2/hk2-locator/2.5.0-b32/hk2-locator-2.5.0-b32.jar
MD5: 5baf0f144cf8552a9fe476b096fc18a7
SHA1: 195474f8ad0a8d130e9ea949a771bcf1215fc33b
Referenced In Project/Scope: headerbuddy:compile

Identifiers

jersey-client-2.25.1.jar

Description: Jersey core client implementation

License:

http://glassfish.java.net/public/CDDL+GPL_1_1.html
File Path: /root/.m2/repository/org/glassfish/jersey/core/jersey-client/2.25.1/jersey-client-2.25.1.jar
MD5: cbc88e55529984d664eb6ef1b65b3684
SHA1: 4d563b1f93352ee9fad597e9e1daf2c6159993c6
Referenced In Project/Scope: headerbuddy:compile

Identifiers

jersey-apache-connector-2.22.2.jar

Description: Jersey Client Transport via Apache

License:

http://glassfish.java.net/public/CDDL+GPL_1_1.html
File Path: /root/.m2/repository/org/glassfish/jersey/connectors/jersey-apache-connector/2.22.2/jersey-apache-connector-2.22.2.jar
MD5: 9f37316e8689923c8b9c6be8142232de
SHA1: d00a838da6d355d3ddb978bf7a70c6a7f6bd688b
Referenced In Project/Scope: headerbuddy:compile

Identifiers

jersey-entity-filtering-2.25.1.jar

Description:  Jersey extension module providing support for Entity Data Filtering.

License:

http://glassfish.java.net/public/CDDL+GPL_1_1.html
File Path: /root/.m2/repository/org/glassfish/jersey/ext/jersey-entity-filtering/2.25.1/jersey-entity-filtering-2.25.1.jar
MD5: 91551b869eaebf55ef5cb84f434f7aab
SHA1: 4a5805060f796ec2c9bb1ba0ce91c1db6d889524
Referenced In Project/Scope: headerbuddy:compile

Identifiers

jersey-media-json-jackson-2.25.1.jar

Description:  Jersey JSON Jackson (2.x) entity providers support module.

License:

http://glassfish.java.net/public/CDDL+GPL_1_1.html
File Path: /root/.m2/repository/org/glassfish/jersey/media/jersey-media-json-jackson/2.25.1/jersey-media-json-jackson-2.25.1.jar
MD5: 7cff87698191850f9e4aba8e51a936fc
SHA1: 19d1e4276eb7b6386640c344d9e5c01eba7eae5d
Referenced In Project/Scope: headerbuddy:compile

Identifiers

commons-compress-1.9.jar

Description:  Apache Commons Compress software defines an API for working with compression and archive formats. These include: bzip2, gzip, pack200, lzma, xz, Snappy, traditional Unix Compress, DEFLATE and ar, cpio, jar, tar, zip, dump, 7z, arj.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /root/.m2/repository/org/apache/commons/commons-compress/1.9/commons-compress-1.9.jar
MD5: 6c9ce8534b9e4c17e5dea7a97425245c
SHA1: cc18955ff1e36d5abd39a14bfe82b19154330a34
Referenced In Project/Scope: headerbuddy:compile

Identifiers

commons-io-2.5.jar

Description:  The Apache Commons IO library contains utility classes, stream implementations, file filters, file comparators, endian transformation classes, and much more.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /root/.m2/repository/commons-io/commons-io/2.5/commons-io-2.5.jar
MD5: e2d74794fba570ec2115fb9d5b05dc9b
SHA1: 2852e6e05fbb95076fc091f6d1780f1f8fe35e0f
Referenced In Project/Scope: headerbuddy:compile

Identifiers

commons-codec-1.10.jar

Description:  The Apache Commons Codec package contains simple encoder and decoders for various formats such as Base64 and Hexadecimal. In addition to these widely used encoders and decoders, the codec package also maintains a collection of phonetic encoding utilities.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /root/.m2/repository/commons-codec/commons-codec/1.10/commons-codec-1.10.jar
MD5: 353cf6a2bdba09595ccfa073b78c7fcb
SHA1: 4b95f4897fa13f2cd904aee711aeafc0c5295cd8
Referenced In Project/Scope: headerbuddy:compile

Identifiers

httpclient-4.5.3.jar

Description:  Apache HttpComponents Client

File Path: /root/.m2/repository/org/apache/httpcomponents/httpclient/4.5.3/httpclient-4.5.3.jar
MD5: 1965ebb7aca0f9f8faaed3870d8cf689
SHA1: d1577ae15f01ef5438c5afc62162457c00a34713
Referenced In Project/Scope: headerbuddy:compile

Identifiers

httpcore-4.4.8.jar

Description:  Apache HttpComponents Core (blocking I/O)

File Path: /root/.m2/repository/org/apache/httpcomponents/httpcore/4.4.8/httpcore-4.4.8.jar
MD5: 60fb93171aa46ffaefde3623c517bd60
SHA1: 70539e2a07865bab38b4153da1ce599cf081790a
Referenced In Project/Scope: headerbuddy:compile

Identifiers

jffi-1.2.9.jar

Description: Java Foreign Function Interface

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /root/.m2/repository/com/github/jnr/jffi/1.2.9/jffi-1.2.9.jar
MD5: eae20f60ef90cb3b1542c672565d35de
SHA1: 93294973285d2977c41fb1cfcfa864d41b145498
Referenced In Project/Scope: headerbuddy:compile

Identifiers

jffi-1.2.9-native.jar

File Path: /root/.m2/repository/com/github/jnr/jffi/1.2.9/jffi-1.2.9-native.jar
MD5: 4457ad354ccb93ba16c454b308873a8f
SHA1: 1b1e82f867bb47237e6db690fbc6bfc999689c63
Referenced In Project/Scope: headerbuddy:runtime

Identifiers

asm-commons-5.0.3.jar

File Path: /root/.m2/repository/org/ow2/asm/asm-commons/5.0.3/asm-commons-5.0.3.jar
MD5: 49c4bd16df054f7b7376fcb80de5a225
SHA1: a7111830132c7f87d08fe48cb0ca07630f8cb91c
Referenced In Project/Scope: headerbuddy:compile

Identifiers

asm-analysis-5.0.3.jar

File Path: /root/.m2/repository/org/ow2/asm/asm-analysis/5.0.3/asm-analysis-5.0.3.jar
MD5: f4bd5c076645f8004663cc35044fdb32
SHA1: c7126aded0e8e13fed5f913559a0dd7b770a10f3
Referenced In Project/Scope: headerbuddy:compile

Identifiers

asm-tree-5.0.3.jar

File Path: /root/.m2/repository/org/ow2/asm/asm-tree/5.0.3/asm-tree-5.0.3.jar
MD5: 94abc9b0126e1ec2c12625dfce54e32e
SHA1: 287749b48ba7162fb67c93a026d690b29f410bed
Referenced In Project/Scope: headerbuddy:compile

Identifiers

asm-util-5.0.3.jar

File Path: /root/.m2/repository/org/ow2/asm/asm-util/5.0.3/asm-util-5.0.3.jar
MD5: 85b23e37383c7bb9200a2ad5067842e1
SHA1: 1512e5571325854b05fb1efce1db75fcced54389
Referenced In Project/Scope: headerbuddy:compile

Identifiers

jnr-x86asm-1.0.2.jar

Description: A pure-java X86 and X86_64 assembler

License:

MIT License: http://www.opensource.org/licenses/mit-license.php
File Path: /root/.m2/repository/com/github/jnr/jnr-x86asm/1.0.2/jnr-x86asm-1.0.2.jar
MD5: 00670735acb2a9d1421b506dc7d338bc
SHA1: 006936bbd6c5b235665d87bd450f5e13b52d4b48
Referenced In Project/Scope: headerbuddy:compile

Identifiers

jnr-ffi-2.0.3.jar

Description: A library for invoking native functions from java

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /root/.m2/repository/com/github/jnr/jnr-ffi/2.0.3/jnr-ffi-2.0.3.jar
MD5: 2eff9dd0fb7f21bfde78c5bb208759f2
SHA1: 7288fedfcb40274c638795f94956d9d4328d07be
Referenced In Project/Scope: headerbuddy:compile

Identifiers

jnr-constants-0.8.7.jar

Description: A set of platform constants (e.g. errno values)

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /root/.m2/repository/com/github/jnr/jnr-constants/0.8.7/jnr-constants-0.8.7.jar
MD5: 5c8b5debb21e27d90736d5301e10e054
SHA1: 7c04dd91d276cf955d1579b9f1db32c106a56411
Referenced In Project/Scope: headerbuddy:compile

Identifiers

jnr-enxio-0.9.jar

Description: Native I/O access for java

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /root/.m2/repository/com/github/jnr/jnr-enxio/0.9/jnr-enxio-0.9.jar
MD5: a92fe9e66d94195fce0953668fdc9085
SHA1: 56c2b08502d09428150e294ed8299ff80c75772d
Referenced In Project/Scope: headerbuddy:compile

Identifiers

jnr-posix-3.0.12.jar

Description:  Common cross-project/cross-platform POSIX APIs

License:

Common Public License - v 1.0: http://www-128.ibm.com/developerworks/library/os-cpl.html
GNU General Public License Version 2: http://www.gnu.org/copyleft/gpl.html
GNU Lesser General Public License Version 2.1: http://www.gnu.org/licenses/lgpl.html
File Path: /root/.m2/repository/com/github/jnr/jnr-posix/3.0.12/jnr-posix-3.0.12.jar
MD5: 81804d485c052ee3686eca241b3fd8d0
SHA1: 559ffe0905895b9c41bb0e5db85741c06c349ab3
Referenced In Project/Scope: headerbuddy:compile

Identifiers

jnr-unixsocket-0.8.jar

Description: Native I/O access for java

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /root/.m2/repository/com/github/jnr/jnr-unixsocket/0.8/jnr-unixsocket-0.8.jar
MD5: 28b1fbff1da78ed4e5cc139c192b4bc1
SHA1: f1cd99bac8ef394b98ad72a13417c74c6596a7e8
Referenced In Project/Scope: headerbuddy:compile

Identifiers

commons-lang-2.6.jar

Description:  Commons Lang, a package of Java utility classes for the classes that are in java.lang's hierarchy, or are considered to be so standard as to justify existence in java.lang.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /root/.m2/repository/commons-lang/commons-lang/2.6/commons-lang-2.6.jar
MD5: 4d5c1693079575b362edf41500630bbd
SHA1: 0ce1edb914c94ebc388f086c6827e8bdeec71ac2
Referenced In Project/Scope: headerbuddy:compile

Identifiers

bcprov-jdk15on-1.52.jar

Description: The Bouncy Castle Crypto package is a Java implementation of cryptographic algorithms. This jar contains JCE provider and lightweight API for the Bouncy Castle Cryptography APIs for JDK 1.5 to JDK 1.8.

License:

Bouncy Castle Licence: http://www.bouncycastle.org/licence.html
File Path: /root/.m2/repository/org/bouncycastle/bcprov-jdk15on/1.52/bcprov-jdk15on-1.52.jar
MD5: 873ac611cb0d7160c0a3d30eee964454
SHA1: 88a941faf9819d371e3174b5ed56a3f3f7d73269
Referenced In Project/Scope: headerbuddy:compile

Identifiers

  • cpe: cpe:/a:bouncycastle:bouncy_castle_crypto_package:1.52   Confidence:Low   
  • maven: org.bouncycastle:bcprov-jdk15on:1.52    Confidence:Highest
  • cpe: cpe:/a:bouncycastle:bouncy-castle-crypto-package:1.52   Confidence:Low   

bcpkix-jdk15on-1.52.jar

Description: The Bouncy Castle Java APIs for CMS, PKCS, EAC, TSP, CMP, CRMF, OCSP, and certificate generation. This jar contains APIs for JDK 1.5 to JDK 1.8. The APIs can be used in conjunction with a JCE/JCA provider such as the one provided with the Bouncy Castle Cryptography APIs.

License:

Bouncy Castle Licence: http://www.bouncycastle.org/licence.html
File Path: /root/.m2/repository/org/bouncycastle/bcpkix-jdk15on/1.52/bcpkix-jdk15on-1.52.jar
MD5: 72104264eec0fd299cca4b07eada5d5b
SHA1: b8ffac2bbc6626f86909589c8cc63637cc936504
Referenced In Project/Scope: headerbuddy:compile

Identifiers

logback-core-1.1.11.jar

Description: logback-core module

License:

http://www.eclipse.org/legal/epl-v10.html, http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html
File Path: /root/.m2/repository/ch/qos/logback/logback-core/1.1.11/logback-core-1.1.11.jar
MD5: cc7a8deacd26b0aa2668779ce2721c0f
SHA1: 88b8df40340eed549fb07e2613879bf6b006704d
Referenced In Project/Scope: headerbuddy:compile

Identifiers

docker-client-8.7.1-shaded.jar

File Path: /root/.m2/repository/com/spotify/docker-client/8.7.1/docker-client-8.7.1-shaded.jar
MD5: 7625c7eadc067af4d6864a7d4375247d
SHA1: cc1e27e1dad3fb0bfc0b27c0377e150c88fb02c7
Referenced In Project/Scope: headerbuddy:compile

Identifiers

CVE-2017-7297  

Severity: Medium
CVSS Score: 6.5 (AV:N/AC:L/Au:S/C:P/I:P/A:P)
CWE: CWE-264 Permissions, Privileges, and Access Controls

Rancher Labs rancher server 1.2.0+ is vulnerable to authenticated users disabling access control via an API call. This is fixed in versions rancher/server:v1.2.4, rancher/server:v1.3.5, rancher/server:v1.4.3, and rancher/server:v1.5.3.

Vulnerable Software & Versions: (show all)

google-auth-library-credentials-0.6.0.jar

File Path: /root/.m2/repository/com/google/auth/google-auth-library-credentials/0.6.0/google-auth-library-credentials-0.6.0.jar
MD5: 57707faa6fe24d7e01e203b2d39aed70
SHA1: 2f22d2cb659087aaa190990fa28854439b08b4e9
Referenced In Project/Scope: headerbuddy:compile

Identifiers

jsr305-1.3.9.jar

Description: JSR305 Annotations for Findbugs

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /root/.m2/repository/com/google/code/findbugs/jsr305/1.3.9/jsr305-1.3.9.jar
MD5: 1d5a772e400b04bb67a7ef4a0e0996d8
SHA1: 40719ea6961c0cb6afaeb6a921eaa1f6afd4cfdf
Referenced In Project/Scope: headerbuddy:compile

Identifiers

google-http-client-1.19.0.jar

Description:  Google HTTP Client Library for Java. Functionality that works on all supported Java platforms, including Java 5 (or higher) desktop (SE) and web (EE), Android, and Google App Engine.

File Path: /root/.m2/repository/com/google/http-client/google-http-client/1.19.0/google-http-client-1.19.0.jar
MD5: 1a306bb0bf74c9d991457723c0f8b3bf
SHA1: cdca49ad0977c040f603478aa2e16b2775c8fec6
Referenced In Project/Scope: headerbuddy:compile

Identifiers

google-http-client-jackson2-1.19.0.jar

File Path: /root/.m2/repository/com/google/http-client/google-http-client-jackson2/1.19.0/google-http-client-jackson2-1.19.0.jar
MD5: a0fbd6a85362ea90d37d18ce33da4282
SHA1: 81dbf9795d387d5e80e55346582d5f2fb81a42eb
Referenced In Project/Scope: headerbuddy:compile

Identifiers

google-auth-library-oauth2-http-0.6.0.jar

File Path: /root/.m2/repository/com/google/auth/google-auth-library-oauth2-http/0.6.0/google-auth-library-oauth2-http-0.6.0.jar
MD5: 09f2d1044cbc31dd833727d5bcec07c0
SHA1: 8f25e25c8638976fe1d106f665d2b03089fe8c6e
Referenced In Project/Scope: headerbuddy:compile

Identifiers

config-1.2.0.jar

Description: config

License:

Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0
File Path: /root/.m2/repository/com/typesafe/config/1.2.0/config-1.2.0.jar
MD5: 01b826838d32e6253fe9ee7930db6c8c
SHA1: b2b6ad16307793a8e57f378de24447a4968c0ca3
Referenced In Project/Scope: headerbuddy:compile

Identifiers

maven-model-3.3.3.jar

Description: Model for Maven POM (Project Object Model)

File Path: /root/.m2/repository/org/apache/maven/maven-model/3.3.3/maven-model-3.3.3.jar
MD5: 8d597960f6433ff051c717c797e93eb4
SHA1: 73ba535c2e3a1381aeab131598010b3a723d4b47
Referenced In Project/Scope: headerbuddy:compile

Identifiers

maven-settings-3.3.3.jar

Description: Maven Settings model.

File Path: /root/.m2/repository/org/apache/maven/maven-settings/3.3.3/maven-settings-3.3.3.jar
MD5: 0516b7d8b2074ef63f5edbf6909e4ec3
SHA1: ee22dc01e29a0250649aef2f7f8dfe18e2d56b3b
Referenced In Project/Scope: headerbuddy:compile

Identifiers

maven-builder-support-3.3.3.jar

Description: Support for descriptor builders (model, setting, toolchains)

File Path: /root/.m2/repository/org/apache/maven/maven-builder-support/3.3.3/maven-builder-support-3.3.3.jar
MD5: 9a901a1fc3c85781ff78a41ce4362d01
SHA1: 0e22a6bcaa8245e834ee3bc884a0c4fee4bbd079
Referenced In Project/Scope: headerbuddy:compile

Identifiers

maven-settings-builder-3.3.3.jar

Description: The effective settings builder, with inheritance and password decryption.

File Path: /root/.m2/repository/org/apache/maven/maven-settings-builder/3.3.3/maven-settings-builder-3.3.3.jar
MD5: e87400260744164df9eb3dc69c06d35b
SHA1: dc31f012df43b7dc0ca1b7ace6a07c05d312d04b
Referenced In Project/Scope: headerbuddy:compile

Identifiers

maven-repository-metadata-3.3.3.jar

Description: Per-directory local and remote repository metadata.

File Path: /root/.m2/repository/org/apache/maven/maven-repository-metadata/3.3.3/maven-repository-metadata-3.3.3.jar
MD5: c04f7ed90510effff54a818966941ee0
SHA1: f71036634559271d124b0d2ebe54f934f3b2feab
Referenced In Project/Scope: headerbuddy:compile

Identifiers

maven-plugin-api-3.3.3.jar

Description: The API for plugins - Mojos - development.

File Path: /root/.m2/repository/org/apache/maven/maven-plugin-api/3.3.3/maven-plugin-api-3.3.3.jar
MD5: 69ab6f661667970818b68e834f762f1f
SHA1: 3b78a7e40707be313c4d5449ba514c9747e1c731
Referenced In Project/Scope: headerbuddy:compile

Identifiers

maven-model-builder-3.3.3.jar

Description: The effective model builder, with inheritance, profile activation, interpolation, ...

File Path: /root/.m2/repository/org/apache/maven/maven-model-builder/3.3.3/maven-model-builder-3.3.3.jar
MD5: 0d546dc2ec5bd45df90746f353dfe8bd
SHA1: 1f88e42b4a4ee54ff692761186bf661b257d262d
Referenced In Project/Scope: headerbuddy:compile

Identifiers

aether-spi-1.0.2.v20150114.jar

Description:  The service provider interface for repository system implementations and repository connectors.

License:

http://www.eclipse.org/legal/epl-v10.html
File Path: /root/.m2/repository/org/eclipse/aether/aether-spi/1.0.2.v20150114/aether-spi-1.0.2.v20150114.jar
MD5: 27c2dcac7a0cd4818874d2c14abfd34e
SHA1: 8428dfa330107984f3e3ac05cc3ebd50b2676866
Referenced In Project/Scope: headerbuddy:compile

Identifiers

maven-aether-provider-3.3.3.jar

Description: Extensions to Aether for utilizing Maven POM and repository metadata.

File Path: /root/.m2/repository/org/apache/maven/maven-aether-provider/3.3.3/maven-aether-provider-3.3.3.jar
MD5: 82bb80dd4639adce62630230a54474ab
SHA1: b988852003993f2d0b18bd3dffd47a9546ac5879
Referenced In Project/Scope: headerbuddy:compile

Identifiers

aether-impl-1.0.2.v20150114.jar

Description:  An implementation of the repository system.

License:

http://www.eclipse.org/legal/epl-v10.html
File Path: /root/.m2/repository/org/eclipse/aether/aether-impl/1.0.2.v20150114/aether-impl-1.0.2.v20150114.jar
MD5: 90c5812e3e05a2419b47edd075920c3b
SHA1: f147539e6e60dfbda9ef7f6d750066170f61b7a1
Referenced In Project/Scope: headerbuddy:compile

Identifiers

aether-api-1.0.2.v20150114.jar

Description:  The application programming interface for the repository system.

License:

http://www.eclipse.org/legal/epl-v10.html
File Path: /root/.m2/repository/org/eclipse/aether/aether-api/1.0.2.v20150114/aether-api-1.0.2.v20150114.jar
MD5: 17cca827aa6a828de92225021df327a7
SHA1: 839f93a5213fb3e233b09bfd6d6b95669f7043c0
Referenced In Project/Scope: headerbuddy:compile

Identifiers

aether-util-1.0.2.v20150114.jar

Description:  A collection of utility classes to ease usage of the repository system.

License:

http://www.eclipse.org/legal/epl-v10.html
File Path: /root/.m2/repository/org/eclipse/aether/aether-util/1.0.2.v20150114/aether-util-1.0.2.v20150114.jar
MD5: ae0f47f571109fe3b7b40a7dea085714
SHA1: d2d3c74a5210544b5cdce89a2c1d1c62835692d1
Referenced In Project/Scope: headerbuddy:compile

Identifiers

jsr250-api-1.0.jar

Description: JSR-250 Reference Implementation by Glassfish

License:

COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL) Version 1.0: https://glassfish.dev.java.net/public/CDDLv1.0.html
File Path: /root/.m2/repository/javax/annotation/jsr250-api/1.0/jsr250-api-1.0.jar
MD5: 4cd56b2e4977e541186de69f5126b4a6
SHA1: 5025422767732a1ab45d93abfea846513d742dcf
Referenced In Project/Scope: headerbuddy:compile

Identifiers

cdi-api-1.0.jar

Description: APIs for JSR-299: Contexts and Dependency Injection for Java EE

File Path: /root/.m2/repository/javax/enterprise/cdi-api/1.0/cdi-api-1.0.jar
MD5: 462c0959f0322016495f4598243bc0f2
SHA1: 44c453f60909dfc223552ace63e05c694215156b
Referenced In Project/Scope: headerbuddy:compile

Identifiers

org.eclipse.sisu.inject-0.3.0.jar

License:

http://www.eclipse.org/legal/epl-v10.html
File Path: /root/.m2/repository/org/eclipse/sisu/org.eclipse.sisu.inject/0.3.0/org.eclipse.sisu.inject-0.3.0.jar
MD5: 12da4a6ec79507382accc0d13a097be2
SHA1: 6c25adce9ca9af097728ed57834e8807e3b6e2b5
Referenced In Project/Scope: headerbuddy:compile

Identifiers

org.eclipse.sisu.plexus-0.3.0.jar

License:

http://www.eclipse.org/legal/epl-v10.html
File Path: /root/.m2/repository/org/eclipse/sisu/org.eclipse.sisu.plexus/0.3.0/org.eclipse.sisu.plexus-0.3.0.jar
MD5: 04c44f5fca09e30b00de3f3d8e46b10f
SHA1: 3f53953a998d03b9b0f7d5098f63119e434af0ef
Referenced In Project/Scope: headerbuddy:compile

Identifiers

javax.inject-1.jar

Description: The javax.inject API

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /root/.m2/repository/javax/inject/javax.inject/1/javax.inject-1.jar
MD5: 289075e48b909e9e74e6c915b3631d2e
SHA1: 6975da39a7040257bd51d21a231b76c915872d38
Referenced In Project/Scope: headerbuddy:compile

Identifiers

aopalliance-1.0.jar

Description: AOP Alliance

License:

Public Domain
File Path: /root/.m2/repository/aopalliance/aopalliance/1.0/aopalliance-1.0.jar
MD5: 04177054e180d09e3998808efa0401c7
SHA1: 0235ba8b489512805ac13a8f9ea77a1ca5ebe3e8
Referenced In Project/Scope: headerbuddy:compile

Identifiers

sisu-guice-3.2.5-no_aop.jar

Description: Patched build of Guice: a lightweight dependency injection framework for Java 6 and above

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /root/.m2/repository/org/sonatype/sisu/sisu-guice/3.2.5/sisu-guice-3.2.5-no_aop.jar
MD5: c5ef1131776e9e2fa5a4766bc1c0f74e
SHA1: c5a46b80cbc7eaaa88b5b3251fbd3c72346ea3d1
Referenced In Project/Scope: headerbuddy:compile

Identifiers

plexus-interpolation-1.21.jar

File Path: /root/.m2/repository/org/codehaus/plexus/plexus-interpolation/1.21/plexus-interpolation-1.21.jar
MD5: 6629656495f4e5eac4f244fe3b252ea1
SHA1: f92de59d295f16868001644acc21720f3ec9eb15
Referenced In Project/Scope: headerbuddy:compile

Identifiers

plexus-utils-3.0.20.jar

Description: A collection of various utility classes to ease working with strings, files, command lines, XML and more.

File Path: /root/.m2/repository/org/codehaus/plexus/plexus-utils/3.0.20/plexus-utils-3.0.20.jar
MD5: 938c786f2aca49b44b0cbfd39db51c5a
SHA1: e121ed37af8ee3928952f6d8a303de24e019aab0
Referenced In Project/Scope: headerbuddy:compile

Identifiers

plexus-classworlds-2.5.2.jar

Description: A class loader framework

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /root/.m2/repository/org/codehaus/plexus/plexus-classworlds/2.5.2/plexus-classworlds-2.5.2.jar
MD5: 53b54feee8cef6b843bd6748bda4bfa7
SHA1: 4abb111bfdace5b8167db4c0ef74644f3f88f142
Referenced In Project/Scope: headerbuddy:compile

Identifiers

plexus-component-annotations-1.5.5.jar

Description:  Plexus Component "Java 5" Annotations, to describe plexus components properties in java sources with standard annotations instead of javadoc annotations.

File Path: /root/.m2/repository/org/codehaus/plexus/plexus-component-annotations/1.5.5/plexus-component-annotations-1.5.5.jar
MD5: ef37dcdb84030422db428b63c4354e5b
SHA1: c72f2660d0cbed24246ddb55d7fdc4f7374d2078
Referenced In Project/Scope: headerbuddy:compile

Identifiers

plexus-cipher-1.4.jar

File Path: /root/.m2/repository/org/sonatype/plexus/plexus-cipher/1.4/plexus-cipher-1.4.jar
MD5: 7b2d6fcf0d5800d5b1ce09d98d98dcaf
SHA1: 50ade46f23bb38cd984b4ec560c46223432aac38
Referenced In Project/Scope: headerbuddy:compile

Identifiers

plexus-sec-dispatcher-1.3.jar

File Path: /root/.m2/repository/org/sonatype/plexus/plexus-sec-dispatcher/1.3/plexus-sec-dispatcher-1.3.jar
MD5: 53160199f5667de3fca69b723173639b
SHA1: dedc02034fb8fcd7615d66593228cb71709134b4
Referenced In Project/Scope: headerbuddy:compile

Identifiers

maven-core-3.3.3.jar

Description: Maven Core classes.

File Path: /root/.m2/repository/org/apache/maven/maven-core/3.3.3/maven-core-3.3.3.jar
MD5: 035473db50711631ac36cb2fce903901
SHA1: 448424409da7d2f87a3b260a7a589cbc2c791f6a
Referenced In Project/Scope: headerbuddy:compile

Identifiers

maven-artifact-3.3.3.jar

File Path: /root/.m2/repository/org/apache/maven/maven-artifact/3.3.3/maven-artifact-3.3.3.jar
MD5: 3f011c366a0f097e10ef3349394ebacb
SHA1: d9f439dfef726e54eebb390ff38dd27356901528
Referenced In Project/Scope: headerbuddy:compile

Identifiers

jsch-0.1.46.jar

Description: JSch is a pure Java implementation of SSH2

License:

Revised BSD: http://www.jcraft.com/jsch/LICENSE.txt
File Path: /root/.m2/repository/com/jcraft/jsch/0.1.46/jsch-0.1.46.jar
MD5: 0af9986bb69547706896c28d169f2902
SHA1: 0f3a38fd1d65c32bd627b1389e7181eb294cc8a8
Referenced In Project/Scope: headerbuddy:compile

Identifiers

  • maven: com.jcraft:jsch:0.1.46    Confidence:Highest
  • cpe: cpe:/a:jcraft:jsch:0.1.46   Confidence:Low   

CVE-2016-5725  

Severity: Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
CWE: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Directory traversal vulnerability in JCraft JSch before 0.1.54 on Windows, when the mode is ChannelSftp.OVERWRITE, allows remote SFTP servers to write to arbitrary files via a ..\ (dot dot backslash) in a response to a recursive GET command.

Vulnerable Software & Versions:

JavaEWAH-0.5.6.jar

Description: The bit array data structure is implemented in Java as the BitSet class. Unfortunately, this fails to scale without compression. JavaEWAH is a word-aligned compressed variant of the Java bitset class. It uses a 64-bit run-length encoding (RLE) compression scheme. The goal of word-aligned compression is not to achieve the best compression, but rather to improve query processing time. Hence, we try to save CPU cycles, maybe at the expense of storage. However, the EWAH scheme we implemented is always more efficient storage-wise than an uncompressed bitmap (implemented in Java as the BitSet class). Unlike some alternatives, javaewah does not rely on a patented scheme.

License:

Apache 2: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /root/.m2/repository/com/googlecode/javaewah/JavaEWAH/0.5.6/JavaEWAH-0.5.6.jar
MD5: b561ede18eb0704ebc862d3cd4c731c8
SHA1: 1207c0fc8552d4f5f574b50f29321d923521128e
Referenced In Project/Scope: headerbuddy:compile

Identifiers

org.eclipse.jgit-3.2.0.201312181205-r.jar

Description:  Repository access and algorithms

File Path: /root/.m2/repository/org/eclipse/jgit/org.eclipse.jgit/3.2.0.201312181205-r/org.eclipse.jgit-3.2.0.201312181205-r.jar
MD5: e4e2326659b21e8bdfc55558c6a08e43
SHA1: 4b99546e8c8a04597b7a4564003e3b554ec12b5c
Referenced In Project/Scope: headerbuddy:compile

Identifiers

docker-maven-plugin-1.0.0.jar

Description: A maven plugin for docker

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /root/.m2/repository/com/spotify/docker-maven-plugin/1.0.0/docker-maven-plugin-1.0.0.jar
MD5: 2e99e9ba89ebb4a6081fc2146ff8cafa
SHA1: b4aa0f29787d6ab7411953c0bae17acfd4adf064
Referenced In Project/Scope: headerbuddy:compile

Identifiers

CVE-2014-0047  

Severity: Medium
CVSS Score: 4.6 (AV:L/AC:L/Au:N/C:P/I:P/A:P)

Docker before 1.5 allows local users to have unspecified impact via vectors involving unsafe /tmp usage.

Vulnerable Software & Versions:

CVE-2014-3499  

Severity: High
CVSS Score: 7.2 (AV:L/AC:L/Au:N/C:C/I:C/A:C)
CWE: CWE-264 Permissions, Privileges, and Access Controls

Docker 1.0.0 uses world-readable and world-writable permissions on the management socket, which allows local users to gain privileges via unspecified vectors.

Vulnerable Software & Versions:

CVE-2014-5277  

Severity: Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
CWE: CWE-17 Code

Docker before 1.3.1 and docker-py before 0.5.3 fall back to HTTP when the HTTPS connection to the registry fails, which allows man-in-the-middle attackers to conduct downgrade attacks and obtain authentication and image data by leveraging a network position between the client and the registry to block HTTPS traffic.

Vulnerable Software & Versions: (show all)

CVE-2014-6407  

Severity: High
CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CWE: CWE-59 Improper Link Resolution Before File Access ('Link Following')

Docker before 1.3.2 allows remote attackers to write to arbitrary files and execute arbitrary code via a (1) symlink or (2) hard link attack in an image archive in a (a) pull or (b) load operation.

Vulnerable Software & Versions: (show all)

CVE-2014-9358  

Severity: Medium
CVSS Score: 6.4 (AV:N/AC:L/Au:N/C:P/I:P/A:N)
CWE: CWE-20 Improper Input Validation

Docker before 1.3.3 does not properly validate image IDs, which allows remote attackers to conduct path traversal attacks and spoof repositories via a crafted image in a (1) "docker load" operation or (2) "registry communications."

Vulnerable Software & Versions:

CVE-2015-3627  

Severity: High
CVSS Score: 7.2 (AV:L/AC:L/Au:N/C:C/I:C/A:C)
CWE: CWE-59 Improper Link Resolution Before File Access ('Link Following')

Libcontainer and Docker Engine before 1.6.1 opens the file-descriptor passed to the pid-1 process before performing the chroot, which allows local users to gain privileges via a symlink attack in an image.

Vulnerable Software & Versions: (show all)

CVE-2015-3630  

Severity: High
CVSS Score: 7.2 (AV:L/AC:L/Au:N/C:C/I:C/A:C)
CWE: CWE-264 Permissions, Privileges, and Access Controls

Docker Engine before 1.6.1 uses weak permissions for (1) /proc/asound, (2) /proc/timer_stats, (3) /proc/latency_stats, and (4) /proc/fs, which allows local users to modify the host, obtain sensitive information, and perform protocol downgrade attacks via a crafted image.

Vulnerable Software & Versions:

CVE-2015-3631  

Severity: Low
CVSS Score: 3.6 (AV:L/AC:L/Au:N/C:N/I:P/A:P)
CWE: CWE-264 Permissions, Privileges, and Access Controls

Docker Engine before 1.6.1 allows local users to set arbitrary Linux Security Modules (LSM) and docker_t policies via an image that allows volumes to override files in /proc.

Vulnerable Software & Versions:

CVE-2016-3697  

Severity: Low
CVSS Score: 2.1 (AV:L/AC:L/Au:N/C:P/I:N/A:N)
CWE: CWE-264 Permissions, Privileges, and Access Controls

libcontainer/user/user.go in runC before 0.1.0, as used in Docker before 1.11.2, improperly treats a numeric UID as a potential username, which allows local users to gain privileges via a numeric username in the password file in a container.

Vulnerable Software & Versions: (show all)

CVE-2017-14992  

Severity: Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CWE: CWE-20 Improper Input Validation

Lack of content verification in Docker-CE (Also known as Moby) versions 1.12.6-0, 1.10.3, 17.03.0, 17.03.1, 17.03.2, 17.06.0, 17.06.1, 17.06.2, 17.09.0, and earlier allows a remote attacker to cause a Denial of Service via a crafted image layer payload, aka gzip bombing.

Vulnerable Software & Versions: (show all)

CVE-2017-7297  

Severity: Medium
CVSS Score: 6.5 (AV:N/AC:L/Au:S/C:P/I:P/A:P)
CWE: CWE-264 Permissions, Privileges, and Access Controls

Rancher Labs rancher server 1.2.0+ is vulnerable to authenticated users disabling access control via an API call. This is fixed in versions rancher/server:v1.2.4, rancher/server:v1.3.5, rancher/server:v1.4.3, and rancher/server:v1.5.3.

Vulnerable Software & Versions: (show all)

mysql-connector-java-5.1.44.jar

Description: MySQL JDBC Type 4 driver

License:

The GNU General Public License, Version 2: http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
File Path: /root/.m2/repository/mysql/mysql-connector-java/5.1.44/mysql-connector-java-5.1.44.jar
MD5: 5278a3a02fbf9266450612860ba2f41d
SHA1: 61b6b998192c85bb581c6be90e03dcd4b9079db4
Referenced In Project/Scope: headerbuddy:compile

Identifiers

  • cpe: cpe:/a:oracle:mysql:5.1.44   Confidence:Low   
  • cpe: cpe:/a:oracle:connector/j:5.1.44   Confidence:Low   
  • cpe: cpe:/a:oracle:mysql_connectors:5.1.44   Confidence:Low   
  • cpe: cpe:/a:sun:mysql_connector/j:5.1.44   Confidence:Low   
  • cpe: cpe:/a:mysql:mysql:5.1.44   Confidence:Highest   
  • maven: mysql:mysql-connector-java:5.1.44    Confidence:Highest

CVE-2009-5026  

Severity: Medium
CVSS Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
CWE: CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

The executable comment feature in MySQL 5.0.x before 5.0.93 and 5.1.x before 5.1.50, when running in certain slave configurations in which the slave is running a newer version than the master, allows remote attackers to execute arbitrary SQL commands via custom comments.

Vulnerable Software & Versions: (show all)

CVE-2010-1621  

Severity: Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:P/A:N)
CWE: CWE-264 Permissions, Privileges, and Access Controls

The mysql_uninstall_plugin function in sql/sql_plugin.cc in MySQL 5.1 before 5.1.46 does not check privileges before uninstalling a plugin, which allows remote attackers to uninstall arbitrary plugins via the UNINSTALL PLUGIN command.

Vulnerable Software & Versions:

CVE-2010-1626  

Severity: Low
CVSS Score: 3.6 (AV:L/AC:L/Au:N/C:N/I:P/A:P)
CWE: CWE-59 Improper Link Resolution Before File Access ('Link Following')

MySQL before 5.1.46 allows local users to delete the data and index files of another user's MyISAM table via a symlink attack in conjunction with the DROP TABLE command, a different vulnerability than CVE-2008-4098 and CVE-2008-7247.

Vulnerable Software & Versions: (show all)

CVE-2010-1848  

Severity: Medium
CVSS Score: 6.5 (AV:N/AC:L/Au:S/C:P/I:P/A:P)
CWE: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Directory traversal vulnerability in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to bypass intended table grants to read field definitions of arbitrary tables, and on 5.1 to read or delete content of arbitrary tables, via a .. (dot dot) in a table name.

Vulnerable Software & Versions: (show all)

CVE-2010-1849  

Severity: Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)

The my_net_skip_rest function in sql/net_serv.cc in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by sending a large number of packets that exceed the maximum length.

Vulnerable Software & Versions: (show all)

CVE-2010-1850  

Severity: Medium
CVSS Score: 6.0 (AV:N/AC:M/Au:S/C:P/I:P/A:P)
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

Buffer overflow in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to execute arbitrary code via a COM_FIELD_LIST command with a long table name.

Vulnerable Software & Versions: (show all)

CVE-2010-2008  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)
CWE: CWE-20 Improper Input Validation

MySQL before 5.1.48 allows remote authenticated users with alter database privileges to cause a denial of service (server crash and database loss) via an ALTER DATABASE command with a #mysql50# string followed by a . (dot), .. (dot dot), ../ (dot dot slash) or similar sequence, and an UPGRADE DATA DIRECTORY NAME command, which causes MySQL to move certain directories to the server data directory.

Vulnerable Software & Versions: (show all)

CVE-2010-3676  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

storage/innobase/dict/dict0crea.c in mysqld in Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (assertion failure) by modifying the (1) innodb_file_format or (2) innodb_file_per_table configuration parameters for the InnoDB storage engine, then executing a DDL statement.

Vulnerable Software & Versions: (show all)

CVE-2010-3677  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CWE: CWE-399 Resource Management Errors

Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a join query that uses a table with a unique SET column.

Vulnerable Software & Versions: (show all)

CVE-2010-3678  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CWE: CWE-399 Resource Management Errors

Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (crash) via (1) IN or (2) CASE operations with NULL arguments that are explicitly specified or indirectly provided by the WITH ROLLUP modifier.

Vulnerable Software & Versions: (show all)

CVE-2010-3679  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CWE: CWE-399 Resource Management Errors

Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via certain arguments to the BINLOG command, which triggers an access of uninitialized memory, as demonstrated by valgrind.

Vulnerable Software & Versions: (show all)

CVE-2010-3680  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by creating temporary tables with nullable columns while using InnoDB, which triggers an assertion failure.

Vulnerable Software & Versions: (show all)

CVE-2010-3681  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using the HANDLER interface and performing "alternate reads from two indexes on a table," which triggers an assertion failure.

Vulnerable Software & Versions: (show all)

CVE-2010-3682  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using EXPLAIN with crafted "SELECT ... UNION ... ORDER BY (SELECT ... WHERE ...)" statements, which triggers a NULL pointer dereference in the Item_singlerow_subselect::store function.

Vulnerable Software & Versions: (show all)

CVE-2010-3683  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 sends an OK packet when a LOAD DATA INFILE request generates SQL errors, which allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a crafted request.

Vulnerable Software & Versions: (show all)

CVE-2010-3833  

Severity: Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CWE: CWE-399 Resource Management Errors

MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 does not properly propagate type errors, which allows remote attackers to cause a denial of service (server crash) via crafted arguments to extreme-value functions such as (1) LEAST and (2) GREATEST, related to KILL_BAD_DATA and a "CREATE TABLE ... SELECT."

Vulnerable Software & Versions: (show all)

CVE-2010-3834  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via vectors related to "materializing a derived table that required a temporary table for grouping" and "user variable assignments."

Vulnerable Software & Versions: (show all)

CVE-2010-3835  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CWE: CWE-189 Numeric Errors

MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (mysqld server crash) by performing a user-variable assignment in a logical expression that is calculated and stored in a temporary table for GROUP BY, then causing the expression value to be used after the table is created, which causes the expression to be re-evaluated instead of accessing its value from the table.

Vulnerable Software & Versions: (show all)

CVE-2010-3836  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CWE: CWE-399 Resource Management Errors

MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (assertion failure and server crash) via vectors related to view preparation, pre-evaluation of LIKE predicates, and IN Optimizers.

Vulnerable Software & Versions: (show all)

CVE-2010-3837  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CWE: CWE-399 Resource Management Errors

MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a prepared statement that uses GROUP_CONCAT with the WITH ROLLUP modifier, probably triggering a use-after-free error when a copied object is modified in a way that also affects the original object.

Vulnerable Software & Versions: (show all)

CVE-2010-3838  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a query that uses the (1) GREATEST or (2) LEAST function with a mixed list of numeric and LONGBLOB arguments, which is not properly handled when the function's result is "processed using an intermediate temporary table."

Vulnerable Software & Versions: (show all)

CVE-2010-3839  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (infinite loop) via multiple invocations of a (1) prepared statement or (2) stored procedure that creates a query with nested JOIN statements.

Vulnerable Software & Versions: (show all)

CVE-2010-3840  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

The Gis_line_string::init_from_wkb function in sql/spatial.cc in MySQL 5.1 before 5.1.51 allows remote authenticated users to cause a denial of service (server crash) by calling the PolyFromWKB function with Well-Known Binary (WKB) data containing a crafted number of (1) line strings or (2) line points.

Vulnerable Software & Versions: (show all)

CVE-2011-2262  

Severity: Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote attackers to affect availability via unknown vectors.

Vulnerable Software & Versions: (show all)

CVE-2012-0075  

Severity: Low
CVSS Score: 1.7 (AV:N/AC:H/Au:M/C:N/I:P/A:N)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect integrity via unknown vectors.

Vulnerable Software & Versions: (show all)

CVE-2012-0087  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0101 and CVE-2012-0102.

Vulnerable Software & Versions: (show all)

CVE-2012-0101  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0087 and CVE-2012-0102.

Vulnerable Software & Versions: (show all)

CVE-2012-0102  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0087 and CVE-2012-0101.

Vulnerable Software & Versions: (show all)

CVE-2012-0112  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0115, CVE-2012-0119, CVE-2012-0120, CVE-2012-0485, and CVE-2012-0492.

Vulnerable Software & Versions: (show all)

CVE-2012-0113  

Severity: Medium
CVSS Score: 5.5 (AV:N/AC:L/Au:S/C:P/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect confidentiality and availability via unknown vectors, a different vulnerability than CVE-2012-0118.

Vulnerable Software & Versions: (show all)

CVE-2012-0114  

Severity: Low
CVSS Score: 3.0 (AV:L/AC:M/Au:S/C:P/I:P/A:N)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows local users to affect confidentiality and integrity via unknown vectors.

Vulnerable Software & Versions: (show all)

CVE-2012-0115  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0119, CVE-2012-0120, CVE-2012-0485, and CVE-2012-0492.

Vulnerable Software & Versions: (show all)

CVE-2012-0116  

Severity: Medium
CVSS Score: 4.9 (AV:N/AC:M/Au:S/C:P/I:P/A:N)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect confidentiality and integrity via unknown vectors.

Vulnerable Software & Versions: (show all)

CVE-2012-0118  

Severity: Medium
CVSS Score: 4.9 (AV:N/AC:M/Au:S/C:P/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect confidentiality and availability via unknown vectors, a different vulnerability than CVE-2012-0113.

Vulnerable Software & Versions: (show all)

CVE-2012-0119  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0120, CVE-2012-0485, and CVE-2012-0492.

Vulnerable Software & Versions: (show all)

CVE-2012-0120  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0119, CVE-2012-0485, and CVE-2012-0492.

Vulnerable Software & Versions: (show all)

CVE-2012-0484  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:P/I:N/A:N)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect confidentiality via unknown vectors.

Vulnerable Software & Versions: (show all)

CVE-2012-0485  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0119, CVE-2012-0120, and CVE-2012-0492.

Vulnerable Software & Versions: (show all)

CVE-2012-0490  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect availability via unknown vectors.

Vulnerable Software & Versions: (show all)

CVE-2012-0492  

Severity: Low
CVSS Score: 2.1 (AV:N/AC:H/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0119, CVE-2012-0120, and CVE-2012-0485.

Vulnerable Software & Versions: (show all)

CVE-2012-0540  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier and 5.5.23 and earlier allows remote authenticated users to affect availability, related to GIS Extension.

Vulnerable Software & Versions: (show all)

CVE-2012-0553  

Severity: High
CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

Buffer overflow in yaSSL, as used in MySQL 5.1.x before 5.1.68 and 5.5.x before 5.5.28, has unspecified impact and attack vectors, a different vulnerability than CVE-2013-1492.

Vulnerable Software & Versions: (show all)

CVE-2012-0572  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.

Vulnerable Software & Versions: (show all)

CVE-2012-0574  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote authenticated users to affect availability via unknown vectors.

Vulnerable Software & Versions: (show all)

CVE-2012-0578  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.

Vulnerable Software & Versions: (show all)

CVE-2012-0583  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.60 and earlier, and 5.5.19 and earlier, allows remote authenticated users to affect availability, related to MyISAM.

Vulnerable Software & Versions: (show all)

CVE-2012-0882  

Severity: High
CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

Buffer overflow in yaSSL, as used in MySQL 5.5.20 and possibly other versions including 5.5.x before 5.5.22 and 5.1.x before 5.1.62, allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by VulnDisco Pack Professional 9.17. NOTE: as of 20120224, this disclosure has no actionable information. However, because the module author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. NOTE: due to lack of details, it is not clear whether this issue is a duplicate of CVE-2012-0492 or another CVE.

Vulnerable Software & Versions: (show all)

CVE-2012-1688  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability, related to Server DML.

Vulnerable Software & Versions: (show all)

CVE-2012-1689  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier, and 5.5.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.

Vulnerable Software & Versions: (show all)

CVE-2012-1690  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer, a different vulnerability than CVE-2012-1703.

Vulnerable Software & Versions: (show all)

CVE-2012-1696  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.19 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.

Vulnerable Software & Versions: (show all)

CVE-2012-1697  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.

Vulnerable Software & Versions: (show all)

CVE-2012-1702  

Severity: Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)

Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote attackers to affect availability via unknown vectors.

Vulnerable Software & Versions: (show all)

CVE-2012-1703  

Severity: Medium
CVSS Score: 6.8 (AV:N/AC:L/Au:S/C:N/I:N/A:C)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer, a different vulnerability than CVE-2012-1690.

Vulnerable Software & Versions: (show all)

CVE-2012-1705  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.

Vulnerable Software & Versions: (show all)

CVE-2012-1734  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier, and 5.5.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.

Vulnerable Software & Versions: (show all)

CVE-2012-1735  

Severity: Medium
CVSS Score: 6.8 (AV:N/AC:L/Au:S/C:N/I:N/A:C)

Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.

Vulnerable Software & Versions: (show all)

CVE-2012-1756  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors.

Vulnerable Software & Versions: (show all)

CVE-2012-1757  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.

Vulnerable Software & Versions: (show all)

CVE-2012-2102  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

MySQL 5.1.x before 5.1.62 and 5.5.x before 5.5.22 allows remote authenticated users to cause a denial of service (assertion failure and mysqld abort) by deleting a record and using HANDLER READ NEXT.

Vulnerable Software & Versions: (show all)

CVE-2012-2749  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CWE: CWE-399 Resource Management Errors

MySQL 5.1.x before 5.1.63 and 5.5.x before 5.5.24 allows remote authenticated users to cause a denial of service (mysqld crash) via vectors related to incorrect calculation and a sort order index.

Vulnerable Software & Versions: (show all)

CVE-2012-3144  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server.

Vulnerable Software & Versions: (show all)

CVE-2012-3147  

Severity: Medium
CVSS Score: 6.4 (AV:N/AC:L/Au:N/C:N/I:P/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote attackers to affect integrity and availability, related to MySQL Client.

Vulnerable Software & Versions: (show all)

CVE-2012-3149  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:P/I:N/A:N)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote authenticated users to affect confidentiality, related to MySQL Client.

Vulnerable Software & Versions: (show all)

CVE-2012-3150  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.

Vulnerable Software & Versions: (show all)

CVE-2012-3156  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server.

Vulnerable Software & Versions: (show all)

CVE-2012-3158  

Severity: High
CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Protocol.

Vulnerable Software & Versions: (show all)

CVE-2012-3160  

Severity: Low
CVSS Score: 2.1 (AV:L/AC:L/Au:N/C:P/I:N/A:N)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows local users to affect confidentiality via unknown vectors related to Server Installation.

Vulnerable Software & Versions: (show all)

CVE-2012-3163  

Severity: High
CVSS Score: 9.0 (AV:N/AC:L/Au:S/C:C/I:C/A:C)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Information Schema.

Vulnerable Software & Versions: (show all)

CVE-2012-3166  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to InnoDB.

Vulnerable Software & Versions: (show all)

CVE-2012-3167  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Full Text Search.

Vulnerable Software & Versions: (show all)

CVE-2012-3173  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to InnoDB Plugin.

Vulnerable Software & Versions: (show all)

CVE-2012-3177  

Severity: Medium
CVSS Score: 6.8 (AV:N/AC:L/Au:S/C:N/I:N/A:C)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server.

Vulnerable Software & Versions: (show all)

CVE-2012-3180  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.

Vulnerable Software & Versions: (show all)

CVE-2012-3197  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Replication.

Vulnerable Software & Versions: (show all)

CVE-2012-4414  

Severity: Medium
CVSS Score: 6.5 (AV:N/AC:L/Au:S/C:P/I:P/A:P)
CWE: CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Multiple SQL injection vulnerabilities in the replication code in Oracle MySQL possibly before 5.5.29, and MariaDB 5.1.x through 5.1.62, 5.2.x through 5.2.12, 5.3.x through 5.3.7, and 5.5.x through 5.5.25, allow remote authenticated users to execute arbitrary SQL commands via vectors related to the binary log. NOTE: as of 20130116, Oracle has not commented on claims from a downstream vendor that the fix in MySQL 5.5.29 is incomplete.

Vulnerable Software & Versions: (show all)

CVE-2012-5060  

Severity: Medium
CVSS Score: 6.8 (AV:N/AC:L/Au:S/C:N/I:N/A:C)

Unspecified vulnerability in the Server component in Oracle MySQL 5.1.65 and earlier and 5.5.27 and earlier allows remote authenticated users to affect availability, related to GIS Extension.

Vulnerable Software & Versions: (show all)

CVE-2012-5096  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users with Server Privileges to affect availability via unknown vectors.

Vulnerable Software & Versions: (show all)

CVE-2012-5627  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:P/I:N/A:N)
CWE: CWE-255 Credentials Management

Oracle MySQL and MariaDB 5.5.x before 5.5.29, 5.3.x before 5.3.12, and 5.2.x before 5.2.14 does not modify the salt during multiple executions of the change_user command within the same connection which makes it easier for remote authenticated users to conduct brute force password guessing attacks.

Vulnerable Software & Versions: (show all)

CVE-2013-0367  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Partition.

Vulnerable Software & Versions: (show all)

CVE-2013-0368  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.

Vulnerable Software & Versions: (show all)

CVE-2013-0371  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability, related to MyISAM.

Vulnerable Software & Versions: (show all)

CVE-2013-0375  

Severity: Medium
CVSS Score: 5.5 (AV:N/AC:L/Au:S/C:P/I:P/A:N)
CWE: CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.1.28 and earlier, allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Server Replication.

Vulnerable Software & Versions: (show all)

CVE-2013-0383  

Severity: Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)

Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote attackers to affect availability via unknown vectors related to Server Locking.

Vulnerable Software & Versions: (show all)

CVE-2013-0384  

Severity: Medium
CVSS Score: 6.8 (AV:N/AC:L/Au:S/C:N/I:N/A:C)

Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Information Schema.

Vulnerable Software & Versions: (show all)

CVE-2013-0385  

Severity: Medium
CVSS Score: 6.6 (AV:L/AC:L/Au:N/C:C/I:C/A:N)

Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows local users to affect confidentiality and integrity via unknown vectors related to Server Replication.

Vulnerable Software & Versions: (show all)

CVE-2013-0386  

Severity: Medium
CVSS Score: 6.8 (AV:N/AC:L/Au:S/C:N/I:N/A:C)

Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Stored Procedure.

Vulnerable Software & Versions: (show all)

CVE-2013-0389  

Severity: Medium
CVSS Score: 6.8 (AV:N/AC:L/Au:S/C:N/I:N/A:C)

Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.

Vulnerable Software & Versions: (show all)

CVE-2013-1492  

Severity: High
CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

Buffer overflow in yaSSL, as used in MySQL 5.1.x before 5.1.68 and 5.5.x before 5.5.30, has unspecified impact and attack vectors, a different vulnerability than CVE-2012-0553.

Vulnerable Software & Versions: (show all)

CVE-2013-1502  

Severity: Low
CVSS Score: 1.5 (AV:L/AC:M/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.9 and earlier allows local users to affect availability via unknown vectors related to Server Partition.

Vulnerable Software & Versions: (show all)

CVE-2013-1506  

Severity: Low
CVSS Score: 2.8 (AV:N/AC:M/Au:M/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, 5.5.29 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Locking.

Vulnerable Software & Versions: (show all)

CVE-2013-1511  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.

Vulnerable Software & Versions: (show all)

CVE-2013-1512  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.5.29 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.

Vulnerable Software & Versions: (show all)

CVE-2013-1521  

Severity: Medium
CVSS Score: 6.5 (AV:N/AC:L/Au:S/C:P/I:P/A:P)

Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Server Locking.

Vulnerable Software & Versions: (show all)

CVE-2013-1523  

Severity: Medium
CVSS Score: 4.6 (AV:N/AC:H/Au:S/C:P/I:P/A:P)

Unspecified vulnerability in Oracle MySQL 5.5.29 and earlier and 5.6.10 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Server Optimizer.

Vulnerable Software & Versions: (show all)

CVE-2013-1526  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.5.29 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Replication.

Vulnerable Software & Versions: (show all)

CVE-2013-1531  

Severity: Medium
CVSS Score: 6.0 (AV:N/AC:M/Au:S/C:P/I:P/A:P)

Unspecified vulnerability in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Server Privileges.

Vulnerable Software & Versions: (show all)

CVE-2013-1532  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Information Schema.

Vulnerable Software & Versions: (show all)

CVE-2013-1544  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.

Vulnerable Software & Versions: (show all)

CVE-2013-1548  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.1.63 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Types.

Vulnerable Software & Versions: (show all)

CVE-2013-1552  

Severity: Medium
CVSS Score: 6.0 (AV:N/AC:M/Au:S/C:P/I:P/A:P)

Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.

Vulnerable Software & Versions: (show all)

CVE-2013-1555  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, and 5.5.29 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Partition.

Vulnerable Software & Versions: (show all)

CVE-2013-1566  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.

Vulnerable Software & Versions: (show all)

CVE-2013-1567  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language, a different vulnerability than CVE-2013-2395.

Vulnerable Software & Versions: (show all)

CVE-2013-1570  

Severity: Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote attackers to affect availability via unknown vectors related to MemCached.

Vulnerable Software & Versions: (show all)

CVE-2013-2375  

Severity: Medium
CVSS Score: 6.0 (AV:N/AC:M/Au:S/C:P/I:P/A:P)

Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.

Vulnerable Software & Versions: (show all)

CVE-2013-2376  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Stored Procedure.

Vulnerable Software & Versions: (show all)

CVE-2013-2378  

Severity: Medium
CVSS Score: 6.0 (AV:N/AC:M/Au:S/C:P/I:P/A:P)

Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, 5.5.29 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Information Schema.

Vulnerable Software & Versions: (show all)

CVE-2013-2381  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:P/A:N)

Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server Privileges.

Vulnerable Software & Versions: (show all)

CVE-2013-2389  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.

Vulnerable Software & Versions: (show all)

CVE-2013-2391  

Severity: Low
CVSS Score: 3.0 (AV:L/AC:M/Au:S/C:P/I:P/A:N)

Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows local users to affect confidentiality and integrity via unknown vectors related to Server Install.

Vulnerable Software & Versions: (show all)

CVE-2013-2392  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.

Vulnerable Software & Versions: (show all)

CVE-2013-2395  

Severity: Medium
CVSS Score: 6.8 (AV:N/AC:L/Au:S/C:N/I:N/A:C)

Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language, a different vulnerability than CVE-2013-1567.

Vulnerable Software & Versions: (show all)

CVE-2013-3783  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Parser.

Vulnerable Software & Versions: (show all)

CVE-2013-3793  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.

Vulnerable Software & Versions: (show all)

CVE-2013-3794  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Partition.

Vulnerable Software & Versions: (show all)

CVE-2013-3795  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.

Vulnerable Software & Versions: (show all)

CVE-2013-3796  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.

Vulnerable Software & Versions: (show all)

CVE-2013-3798  

Severity: Medium
CVSS Score: 5.8 (AV:N/AC:M/Au:N/C:N/I:P/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote attackers to affect integrity and availability via unknown vectors related to MemCached.

Vulnerable Software & Versions: (show all)

CVE-2013-3801  

Severity: Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.

Vulnerable Software & Versions: (show all)

CVE-2013-3802  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Full Text Search.

Vulnerable Software & Versions: (show all)

CVE-2013-3804  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.

Vulnerable Software & Versions: (show all)

CVE-2013-3805  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Prepared Statements.

Vulnerable Software & Versions: (show all)

CVE-2013-3806  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB, a different vulnerability than CVE-2013-3811.

Vulnerable Software & Versions: (show all)

CVE-2013-3807  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:H/Au:N/C:P/I:P/A:N)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Server Privileges.

Vulnerable Software & Versions: (show all)

CVE-2013-3808  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.

Vulnerable Software & Versions: (show all)

CVE-2013-3809  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:P/A:N)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Audit Log.

Vulnerable Software & Versions: (show all)

CVE-2013-3810  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to XA Transactions.

Vulnerable Software & Versions: (show all)

CVE-2013-3811  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB, a different vulnerability than CVE-2013-3806.

Vulnerable Software & Versions: (show all)

CVE-2013-3812  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Replication.

Vulnerable Software & Versions: (show all)

CVE-2013-3839  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.70 and earlier, 5.5.32 and earlier, and 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.

Vulnerable Software & Versions: (show all)

CVE-2013-5767  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.

Vulnerable Software & Versions: (show all)

CVE-2013-5770  

Severity: Low
CVSS Score: 2.1 (AV:N/AC:H/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Locking.

Vulnerable Software & Versions: (show all)

CVE-2013-5786  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB, a different vulnerability than CVE-2013-5793.

Vulnerable Software & Versions: (show all)

CVE-2013-5793  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB, a different vulnerability than CVE-2013-5786.

Vulnerable Software & Versions: (show all)

CVE-2013-5860  

Severity: Medium
CVSS Score: 6.8 (AV:N/AC:L/Au:S/C:N/I:N/A:C)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.14 and earlier allows remote authenticated users to affect availability via vectors related to GIS.

Vulnerable Software & Versions: (show all)

CVE-2013-5881  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB, a different vulnerability than CVE-2014-0431.

Vulnerable Software & Versions: (show all)

CVE-2013-5882  

Severity: Medium
CVSS Score: 6.8 (AV:N/AC:L/Au:S/C:N/I:N/A:C)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Stored Procedures.

Vulnerable Software & Versions: (show all)

CVE-2013-5891  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.33 and earlier and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.

Vulnerable Software & Versions: (show all)

CVE-2013-5894  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.

Vulnerable Software & Versions: (show all)

CVE-2013-5908  

Severity: Low
CVSS Score: 2.6 (AV:N/AC:H/Au:N/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote attackers to affect availability via unknown vectors related to Error Handling.

Vulnerable Software & Versions: (show all)

CVE-2014-0384  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to XML.

Vulnerable Software & Versions: (show all)

CVE-2014-0386  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.

Vulnerable Software & Versions: (show all)

CVE-2014-0393  

Severity: Low
CVSS Score: 3.3 (AV:N/AC:L/Au:M/C:N/I:P/A:N)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier allows remote authenticated users to affect integrity via unknown vectors related to InnoDB.

Vulnerable Software & Versions: (show all)

CVE-2014-0401  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors.

Vulnerable Software & Versions: (show all)

CVE-2014-0402  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Locking.

Vulnerable Software & Versions: (show all)

CVE-2014-0412  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.

Vulnerable Software & Versions: (show all)

CVE-2014-0420  

Severity: Low
CVSS Score: 2.8 (AV:N/AC:M/Au:M/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.34 and earlier, and 5.6.14 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Replication.

Vulnerable Software & Versions: (show all)

CVE-2014-0427  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote authenticated users to affect availability via vectors related to FTS.

Vulnerable Software & Versions: (show all)

CVE-2014-0430  

Severity: Low
CVSS Score: 2.8 (AV:N/AC:M/Au:M/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Performance Schema.

Vulnerable Software & Versions: (show all)

CVE-2014-0431  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB, a different vulnerability than CVE-2013-5881.

Vulnerable Software & Versions: (show all)

CVE-2014-0433  

Severity: Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote attackers to affect availability via unknown vectors related to Thread Pooling.

Vulnerable Software & Versions: (show all)

CVE-2014-0437  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.

Vulnerable Software & Versions: (show all)

CVE-2014-2419  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.

Vulnerable Software & Versions: (show all)

CVE-2014-2430  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect availability via unknown vectors related to Performance Schema.

Vulnerable Software & Versions: (show all)

CVE-2014-2431  

Severity: Low
CVSS Score: 2.6 (AV:N/AC:H/Au:N/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote attackers to affect availability via unknown vectors related to Options.

Vulnerable Software & Versions: (show all)

CVE-2014-2432  

Severity: Low
CVSS Score: 2.8 (AV:N/AC:M/Au:M/C:N/I:N/A:P)

Unspecified vulnerability Oracle the MySQL Server component 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Federated.

Vulnerable Software & Versions: (show all)

CVE-2014-2434  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to DML.

Vulnerable Software & Versions: (show all)

CVE-2014-2435  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.6.16 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.

Vulnerable Software & Versions: (show all)

CVE-2014-2436  

Severity: Medium
CVSS Score: 6.0 (AV:N/AC:M/Au:S/C:P/I:P/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to RBR.

Vulnerable Software & Versions: (show all)

CVE-2014-2438  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Replication.

Vulnerable Software & Versions: (show all)

CVE-2014-2442  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to MyISAM.

Vulnerable Software & Versions: (show all)

CVE-2014-2444  

Severity: Medium
CVSS Score: 6.5 (AV:N/AC:L/Au:S/C:P/I:P/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to InnoDB.

Vulnerable Software & Versions: (show all)

CVE-2014-2450  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.

Vulnerable Software & Versions: (show all)

CVE-2014-2451  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Privileges.

Vulnerable Software & Versions: (show all)

CVE-2014-2484  

Severity: Medium
CVSS Score: 6.5 (AV:N/AC:L/Au:S/C:P/I:P/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SRFTS.

Vulnerable Software & Versions: (show all)

CVE-2014-2494  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier allows remote authenticated users to affect availability via vectors related to ENARC.

Vulnerable Software & Versions: (show all)

CVE-2014-4207  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier allows remote authenticated users to affect availability via vectors related to SROPTZR.

Vulnerable Software & Versions: (show all)

CVE-2014-4214  

Severity: Low
CVSS Score: 3.3 (AV:N/AC:L/Au:M/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect availability via vectors related to SRSP.

Vulnerable Software & Versions: (show all)

CVE-2014-4233  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect availability via vectors related to SRREP.

Vulnerable Software & Versions: (show all)

CVE-2014-4238  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect availability via vectors related to SROPTZR.

Vulnerable Software & Versions: (show all)

CVE-2014-4240  

Severity: Low
CVSS Score: 3.6 (AV:L/AC:L/Au:N/C:P/I:P/A:N)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows local users to affect confidentiality and integrity via vectors related to SRREP.

Vulnerable Software & Versions: (show all)

CVE-2014-4243  

Severity: Low
CVSS Score: 2.8 (AV:N/AC:M/Au:M/C:N/I:N/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to ENFED.

Vulnerable Software & Versions: (show all)

CVE-2014-4258  

Severity: Medium
CVSS Score: 6.5 (AV:N/AC:L/Au:S/C:P/I:P/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier and 5.6.17 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SRINFOSC.

Vulnerable Software & Versions: (show all)

CVE-2014-4260  

Severity: Medium
CVSS Score: 5.5 (AV:N/AC:L/Au:S/C:N/I:P/A:P)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier, and 5.6.17 and earlier, allows remote authenticated users to affect integrity and availability via vectors related to SRCHAR.

Vulnerable Software & Versions: (show all)

CVE-2014-4274  

Severity: Medium
CVSS Score: 4.1 (AV:L/AC:M/Au:S/C:P/I:P/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality, integrity, and availability via vectors related to SERVER:MyISAM.

Vulnerable Software & Versions: (show all)

CVE-2014-6463  

Severity: Low
CVSS Score: 3.3 (AV:N/AC:L/Au:M/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:REPLICATION ROW FORMAT BINARY LOG DML.

Vulnerable Software & Versions: (show all)

CVE-2014-6464  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:INNODB DML FOREIGN KEYS.

Vulnerable Software & Versions: (show all)

CVE-2014-6469  

Severity: Medium
CVSS Score: 6.8 (AV:N/AC:L/Au:S/C:N/I:N/A:C)

Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:OPTIMIZER.

Vulnerable Software & Versions: (show all)

CVE-2014-6474  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:MEMCACHED.

Vulnerable Software & Versions: (show all)

CVE-2014-6478  

Severity: Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)

Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote attackers to affect integrity via vectors related to SERVER:SSL:yaSSL.

Vulnerable Software & Versions: (show all)

CVE-2014-6484  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect availability via vectors related to SERVER:DML.

Vulnerable Software & Versions: (show all)

CVE-2014-6489  

Severity: Medium
CVSS Score: 5.5 (AV:N/AC:L/Au:S/C:N/I:P/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect integrity and availability via vectors related to SERVER:SP.

Vulnerable Software & Versions: (show all)

CVE-2014-6491  

Severity: High
CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to SERVER:SSL:yaSSL, a different vulnerability than CVE-2014-6500.

Vulnerable Software & Versions: (show all)

CVE-2014-6494  

Severity: Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL, a different vulnerability than CVE-2014-6496.

Vulnerable Software & Versions: (show all)

CVE-2014-6495  

Severity: Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote attackers to affect availability via vectors related to SERVER:SSL:yaSSL.

Vulnerable Software & Versions: (show all)

CVE-2014-6496  

Severity: Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL, a different vulnerability than CVE-2014-6494.

Vulnerable Software & Versions: (show all)

CVE-2014-6500  

Severity: High
CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to SERVER:SSL:yaSSL, a different vulnerability than CVE-2014-6491.

Vulnerable Software & Versions: (show all)

CVE-2014-6505  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect availability via vectors related to SERVER:MEMORY STORAGE ENGINE.

Vulnerable Software & Versions: (show all)

CVE-2014-6507  

Severity: High
CVSS Score: 8.0 (AV:N/AC:L/Au:S/C:P/I:P/A:C)

Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SERVER:DML.

Vulnerable Software & Versions: (show all)

CVE-2014-6520  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:DDL.

Vulnerable Software & Versions: (show all)

CVE-2014-6530  

Severity: Medium
CVSS Score: 6.5 (AV:N/AC:L/Au:S/C:P/I:P/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to CLIENT:MYSQLDUMP.

Vulnerable Software & Versions: (show all)

CVE-2014-6551  

Severity: Low
CVSS Score: 2.1 (AV:L/AC:L/Au:N/C:P/I:N/A:N)

Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality via vectors related to CLIENT:MYSQLADMIN.

Vulnerable Software & Versions: (show all)

CVE-2014-6555  

Severity: Medium
CVSS Score: 6.5 (AV:N/AC:L/Au:S/C:P/I:P/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SERVER:DML.

Vulnerable Software & Versions: (show all)

CVE-2014-6559  

Severity: Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)

Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect confidentiality via vectors related to C API SSL CERTIFICATE HANDLING.

Vulnerable Software & Versions: (show all)

CVE-2014-6564  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:INNODB FULLTEXT SEARCH DML.

Vulnerable Software & Versions: (show all)

CVE-2014-6568  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier, and 5.6.21 and earlier, allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DML.

Vulnerable Software & Versions: (show all)

CVE-2015-0374  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:P/I:N/A:N)

Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges : Foreign Key.

Vulnerable Software & Versions: (show all)

CVE-2015-0381  

Severity: Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication, a different vulnerability than CVE-2015-0382.

Vulnerable Software & Versions: (show all)

CVE-2015-0382  

Severity: Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication, a different vulnerability than CVE-2015-0381.

Vulnerable Software & Versions: (show all)

CVE-2015-0385  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.6.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Pluggable Auth.

Vulnerable Software & Versions:

CVE-2015-0391  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect availability via vectors related to DDL.

Vulnerable Software & Versions: (show all)

CVE-2015-0405  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to XA.

Vulnerable Software & Versions:

CVE-2015-0409  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.6.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.

Vulnerable Software & Versions: (show all)

CVE-2015-0411  

Severity: High
CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier, and 5.6.21 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Server : Security : Encryption.

Vulnerable Software & Versions: (show all)

CVE-2015-0423  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.

Vulnerable Software & Versions: (show all)

CVE-2015-0432  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DDL : Foreign Key.

Vulnerable Software & Versions:

CVE-2015-0433  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via vectors related to InnoDB : DML.

Vulnerable Software & Versions: (show all)

CVE-2015-0438  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.

Vulnerable Software & Versions:

CVE-2015-0439  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB, a different vulnerability than CVE-2015-4756.

Vulnerable Software & Versions: (show all)

CVE-2015-0441  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Encryption.

Vulnerable Software & Versions: (show all)

CVE-2015-0498  

Severity: Low
CVSS Score: 1.7 (AV:N/AC:H/Au:M/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Replication.

Vulnerable Software & Versions:

CVE-2015-0499  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Federated.

Vulnerable Software & Versions: (show all)

CVE-2015-0500  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors.

Vulnerable Software & Versions: (show all)

CVE-2015-0501  

Severity: Medium
CVSS Score: 5.7 (AV:N/AC:M/Au:M/C:N/I:N/A:C)

Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Compiling.

Vulnerable Software & Versions: (show all)

CVE-2015-0503  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.

Vulnerable Software & Versions:

CVE-2015-0505  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via vectors related to DDL.

Vulnerable Software & Versions: (show all)

CVE-2015-0506  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB, a different vulnerability than CVE-2015-0508.

Vulnerable Software & Versions:

CVE-2015-0507  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Memcached.

Vulnerable Software & Versions:

CVE-2015-0508  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB, a different vulnerability than CVE-2015-0506.

Vulnerable Software & Versions:

CVE-2015-0511  

Severity: Low
CVSS Score: 2.8 (AV:N/AC:M/Au:M/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : SP.

Vulnerable Software & Versions:

CVE-2015-2566  

Severity: Low
CVSS Score: 2.8 (AV:N/AC:M/Au:M/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via vectors related to DML.

Vulnerable Software & Versions:

CVE-2015-2567  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Privileges.

Vulnerable Software & Versions:

CVE-2015-2568  

Severity: Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote attackers to affect availability via unknown vectors related to Server : Security : Privileges.

Vulnerable Software & Versions: (show all)

CVE-2015-2571  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.

Vulnerable Software & Versions: (show all)

CVE-2015-2573  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via vectors related to DDL.

Vulnerable Software & Versions: (show all)

CVE-2015-2582  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to GIS.

Vulnerable Software & Versions: (show all)

CVE-2015-2611  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML.

Vulnerable Software & Versions:

CVE-2015-2617  

Severity: Medium
CVSS Score: 6.5 (AV:N/AC:L/Au:S/C:P/I:P/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Partition.

Vulnerable Software & Versions:

CVE-2015-2620  

Severity: Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)

Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.23 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges.

Vulnerable Software & Versions: (show all)

CVE-2015-2639  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:P/A:N)

Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Firewall.

Vulnerable Software & Versions:

CVE-2015-2641  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Privileges.

Vulnerable Software & Versions:

CVE-2015-2643  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.

Vulnerable Software & Versions: (show all)

CVE-2015-2648  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML.

Vulnerable Software & Versions: (show all)

CVE-2015-2661  

Severity: Low
CVSS Score: 2.1 (AV:L/AC:L/Au:N/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows local users to affect availability via unknown vectors related to Client.

Vulnerable Software & Versions:

CVE-2015-3152  

Severity: Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
CWE: CWE-284 Improper Access Control

Oracle MySQL before 5.7.3, Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3, and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack, aka a "BACKRONYM" attack.

Vulnerable Software & Versions: (show all)

CVE-2015-3194  

Severity: Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)

crypto/rsa/rsa_ameth.c in OpenSSL 1.0.1 before 1.0.1q and 1.0.2 before 1.0.2e allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an RSA PSS ASN.1 signature that lacks a mask generation function parameter.

Vulnerable Software & Versions: (show all)

CVE-2015-4730  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.6.20 and earlier allows remote authenticated users to affect availability via unknown vectors related to Types.

Vulnerable Software & Versions:

CVE-2015-4737  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:P/I:N/A:N)

Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Pluggable Auth.

Vulnerable Software & Versions: (show all)

CVE-2015-4752  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to Server : I_S.

Vulnerable Software & Versions: (show all)

CVE-2015-4756  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB, a different vulnerability than CVE-2015-0439.

Vulnerable Software & Versions:

CVE-2015-4757  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier and 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.

Vulnerable Software & Versions: (show all)

CVE-2015-4761  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Memcached.

Vulnerable Software & Versions:

CVE-2015-4766  

Severity: Low
CVSS Score: 1.9 (AV:L/AC:M/Au:N/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows local users to affect availability via unknown vectors related to Server : Security : Firewall.

Vulnerable Software & Versions:

CVE-2015-4767  

Severity: Low
CVSS Score: 1.7 (AV:N/AC:H/Au:M/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Firewall, a different vulnerability than CVE-2015-4769.

Vulnerable Software & Versions:

CVE-2015-4769  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Firewall, a different vulnerability than CVE-2015-4767.

Vulnerable Software & Versions:

CVE-2015-4771  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to RBR.

Vulnerable Software & Versions:

CVE-2015-4772  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.

Vulnerable Software & Versions:

CVE-2015-4791  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Privileges.

Vulnerable Software & Versions:

CVE-2015-4792  

Severity: Low
CVSS Score: 1.7 (AV:N/AC:H/Au:M/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition, a different vulnerability than CVE-2015-4802.

Vulnerable Software & Versions: (show all)

CVE-2015-4800  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.

Vulnerable Software & Versions:

CVE-2015-4802  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition, a different vulnerability than CVE-2015-4792.

Vulnerable Software & Versions: (show all)

CVE-2015-4807  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier, when running on Windows, allows remote authenticated users to affect availability via unknown vectors related to Server : Query Cache.

Vulnerable Software & Versions: (show all)

CVE-2015-4815  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DDL.

Vulnerable Software & Versions: (show all)

CVE-2015-4816  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.

Vulnerable Software & Versions:

CVE-2015-4819  

Severity: High
CVSS Score: 7.2 (AV:L/AC:L/Au:N/C:C/I:C/A:C)

Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier, and 5.6.25 and earlier, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Client programs.

Vulnerable Software & Versions:

CVE-2015-4826  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:P/I:N/A:N)

Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Types.

Vulnerable Software & Versions: (show all)

CVE-2015-4830  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:P/A:N)

Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.

Vulnerable Software & Versions: (show all)

CVE-2015-4833  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.

Vulnerable Software & Versions:

CVE-2015-4836  

Severity: Low
CVSS Score: 2.8 (AV:N/AC:M/Au:M/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : SP.

Vulnerable Software & Versions: (show all)

CVE-2015-4858  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via vectors related to DML, a different vulnerability than CVE-2015-4913.

Vulnerable Software & Versions: (show all)

CVE-2015-4861  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.

Vulnerable Software & Versions: (show all)

CVE-2015-4862  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to DML.

Vulnerable Software & Versions:

CVE-2015-4864  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:P/A:N)

Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.

Vulnerable Software & Versions: (show all)

CVE-2015-4866  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.

Vulnerable Software & Versions:

CVE-2015-4870  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Parser.

Vulnerable Software & Versions: (show all)

CVE-2015-4879  

Severity: Medium
CVSS Score: 4.6 (AV:N/AC:H/Au:S/C:P/I:P/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier, and 5.6.25 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to DML.

Vulnerable Software & Versions: (show all)

CVE-2015-4890  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Replication.

Vulnerable Software & Versions:

CVE-2015-4895  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.

Vulnerable Software & Versions:

CVE-2015-4904  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to libmysqld.

Vulnerable Software & Versions:

CVE-2015-4905  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML.

Vulnerable Software & Versions:

CVE-2015-4910  

Severity: Low
CVSS Score: 2.1 (AV:N/AC:H/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Memcached.

Vulnerable Software & Versions:

CVE-2015-4913  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML, a different vulnerability than CVE-2015-4858.

Vulnerable Software & Versions: (show all)

CVE-2016-0502  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.

Vulnerable Software & Versions: (show all)

CVE-2016-0503  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and 5.7.9 allows remote authenticated users to affect availability via vectors related to DML, a different vulnerability than CVE-2016-0504.

Vulnerable Software & Versions: (show all)

CVE-2016-0504  

Severity: Medium
CVSS Score: 6.8 (AV:N/AC:L/Au:S/C:N/I:N/A:C)

Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and 5.7.9 allows remote authenticated users to affect availability via vectors related to DML, a different vulnerability than CVE-2016-0503.

Vulnerable Software & Versions: (show all)

CVE-2016-0505  

Severity: Medium
CVSS Score: 6.8 (AV:N/AC:L/Au:S/C:N/I:N/A:C)

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to Options.

Vulnerable Software & Versions: (show all)

CVE-2016-0546  

Severity: High
CVSS Score: 7.2 (AV:L/AC:L/Au:N/C:C/I:C/A:C)

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.

Vulnerable Software & Versions: (show all)

CVE-2016-0594  

Severity: Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.6.21 and earlier allows remote authenticated users to affect availability via vectors related to DML.

Vulnerable Software & Versions:

CVE-2016-0595  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier allows remote authenticated users to affect availability via vectors related to DML.

Vulnerable Software & Versions:

CVE-2016-0596  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier and 5.6.27 and earlier and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to DML.

Vulnerable Software & Versions: (show all)

CVE-2016-0597  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to Optimizer.

Vulnerable Software & Versions: (show all)

CVE-2016-0598  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to DML.

Vulnerable Software & Versions: (show all)

CVE-2016-0600  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to InnoDB.

Vulnerable Software & Versions: (show all)

CVE-2016-0606  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:P/A:N)

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect integrity via unknown vectors related to encryption.

Vulnerable Software & Versions: (show all)

CVE-2016-0607  

Severity: Low
CVSS Score: 2.8 (AV:N/AC:M/Au:M/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and 5.7.9 allows remote authenticated users to affect availability via unknown vectors related to replication.

Vulnerable Software & Versions: (show all)

CVE-2016-0608  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to UDF.

Vulnerable Software & Versions: (show all)

CVE-2016-0609  

Severity: Low
CVSS Score: 1.7 (AV:N/AC:H/Au:M/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to privileges.

Vulnerable Software & Versions: (show all)

CVE-2016-0610  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and MariaDB before 10.0.22 and 10.1.x before 10.1.9 allows remote authenticated users to affect availability via unknown vectors related to InnoDB.

Vulnerable Software & Versions: (show all)

CVE-2016-0611  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and 5.7.9 allows remote authenticated users to affect availability via unknown vectors related to Optimizer.

Vulnerable Software & Versions: (show all)

CVE-2016-0616  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to Optimizer.

Vulnerable Software & Versions: (show all)

CVE-2016-0639  

Severity: High
CVSS Score: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

Unspecified vulnerability in Oracle MySQL 5.6.29 and earlier and 5.7.11 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Pluggable Authentication.

Vulnerable Software & Versions: (show all)

CVE-2016-0640  

Severity: Medium
CVSS Score: 4.9 (AV:N/AC:M/Au:S/C:N/I:P/A:P)

Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect integrity and availability via vectors related to DML.

Vulnerable Software & Versions: (show all)

CVE-2016-0641  

Severity: Medium
CVSS Score: 4.9 (AV:N/AC:M/Au:S/C:P/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect confidentiality and availability via vectors related to MyISAM.

Vulnerable Software & Versions: (show all)

CVE-2016-0642  

Severity: Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:M/C:N/I:P/A:P)

Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier allows local users to affect integrity and availability via vectors related to Federated.

Vulnerable Software & Versions: (show all)

CVE-2016-0643  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:P/I:N/A:N)

Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect confidentiality via vectors related to DML.

Vulnerable Software & Versions: (show all)

CVE-2016-0644  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to DDL.

Vulnerable Software & Versions: (show all)

CVE-2016-0646  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to DML.

Vulnerable Software & Versions: (show all)

CVE-2016-0647  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to FTS.

Vulnerable Software & Versions: (show all)

CVE-2016-0648  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to PS.

Vulnerable Software & Versions: (show all)

CVE-2016-0649  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to PS.

Vulnerable Software & Versions: (show all)

CVE-2016-0650  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to Replication.

Vulnerable Software & Versions: (show all)

CVE-2016-0651  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier allows local users to affect availability via vectors related to Optimizer.

Vulnerable Software & Versions:

CVE-2016-0652  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows local users to affect availability via vectors related to DML.

Vulnerable Software & Versions:

CVE-2016-0653  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows local users to affect availability via vectors related to FTS.

Vulnerable Software & Versions:

CVE-2016-0654  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows local users to affect availability via vectors related to InnoDB, a different vulnerability than CVE-2016-0656.

Vulnerable Software & Versions:

CVE-2016-0655  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.6.29 and earlier and 5.7.11 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to InnoDB.

Vulnerable Software & Versions: (show all)

CVE-2016-0656  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows local users to affect availability via vectors related to InnoDB, a different vulnerability than CVE-2016-0654.

Vulnerable Software & Versions:

CVE-2016-0657  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:P/I:N/A:N)

Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows local users to affect confidentiality via vectors related to JSON.

Vulnerable Software & Versions:

CVE-2016-0658  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows local users to affect availability via vectors related to Optimizer.

Vulnerable Software & Versions:

CVE-2016-0659  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows local users to affect availability via vectors related to Optimizer.

Vulnerable Software & Versions:

CVE-2016-0661  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.10 and earlier allows local users to affect availability via vectors related to Options.

Vulnerable Software & Versions: (show all)

CVE-2016-0662  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows local users to affect availability via vectors related to Partition.

Vulnerable Software & Versions:

CVE-2016-0663  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows local users to affect availability via vectors related to Performance Schema.

Vulnerable Software & Versions:

CVE-2016-0665  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.10 and earlier allows local users to affect availability via vectors related to Security: Encryption.

Vulnerable Software & Versions: (show all)

CVE-2016-0666  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to Security: Privileges.

Vulnerable Software & Versions: (show all)

CVE-2016-0667  

Severity: Low
CVSS Score: 2.8 (AV:N/AC:M/Au:M/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows local users to affect availability via vectors related to Locking.

Vulnerable Software & Versions:

CVE-2016-0668  

Severity: Low
CVSS Score: 1.7 (AV:N/AC:H/Au:M/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.10 and earlier and MariaDB 10.0.x before 10.0.24 and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to InnoDB.

Vulnerable Software & Versions: (show all)

CVE-2016-0705  

Severity: High
CVSS Score: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

Double free vulnerability in the dsa_priv_decode function in crypto/dsa/dsa_ameth.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a malformed DSA private key.

Vulnerable Software & Versions: (show all)

CVE-2016-2047  

Severity: Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
CWE: CWE-254 Security Features

The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a "/CN=" string in a field in a certificate, as demonstrated by "/OU=/CN=bar.com/CN=foo.com."

Vulnerable Software & Versions: (show all)

CVE-2016-2105  

Severity: Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CWE: CWE-189 Numeric Errors

Integer overflow in the EVP_EncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of binary data.

Vulnerable Software & Versions: (show all)

CVE-2016-3424  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Optimizer.

Vulnerable Software & Versions:

CVE-2016-3440  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.

Vulnerable Software & Versions:

CVE-2016-3452  

Severity: Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)

Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.

Vulnerable Software & Versions: (show all)

CVE-2016-3459  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via vectors related to Server: InnoDB.

Vulnerable Software & Versions: (show all)

CVE-2016-3471  

Severity: High
CVSS Score: 7.1 (AV:N/AC:H/Au:S/C:C/I:C/A:C)

Unspecified vulnerability in Oracle MySQL 5.5.45 and earlier and 5.6.26 and earlier allows local users to affect confidentiality, integrity, and availability via vectors related to Server: Option.

Vulnerable Software & Versions: (show all)

CVE-2016-3477  

Severity: Medium
CVSS Score: 4.1 (AV:L/AC:M/Au:S/C:P/I:P/A:P)

Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows local users to affect confidentiality, integrity, and availability via vectors related to Server: Parser.

Vulnerable Software & Versions: (show all)

CVE-2016-3486  

Severity: Medium
CVSS Score: 6.8 (AV:N/AC:L/Au:S/C:N/I:N/A:C)

Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: FTS.

Vulnerable Software & Versions: (show all)

CVE-2016-3492  

Severity: Medium
CVSS Score: 6.8 (AV:N/AC:L/Au:S/C:N/I:N/A:C)

Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.

Vulnerable Software & Versions: (show all)

CVE-2016-3495  

Severity: Medium
CVSS Score: 6.8 (AV:N/AC:L/Au:S/C:N/I:N/A:C)

Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.

Vulnerable Software & Versions: (show all)

CVE-2016-3501  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.

Vulnerable Software & Versions: (show all)

CVE-2016-3518  

Severity: Medium
CVSS Score: 6.8 (AV:N/AC:L/Au:S/C:N/I:N/A:C)

Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.

Vulnerable Software & Versions:

CVE-2016-3521  

Severity: Medium
CVSS Score: 6.8 (AV:N/AC:L/Au:S/C:N/I:N/A:C)

Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.

Vulnerable Software & Versions: (show all)

CVE-2016-3588  

Severity: Medium
CVSS Score: 4.9 (AV:N/AC:M/Au:S/C:N/I:P/A:P)

Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote authenticated users to affect integrity and availability via vectors related to Server: InnoDB.

Vulnerable Software & Versions:

CVE-2016-3614  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Security: Encryption.

Vulnerable Software & Versions: (show all)

CVE-2016-3615  

Severity: Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.

Vulnerable Software & Versions: (show all)

CVE-2016-5436  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.

Vulnerable Software & Versions:

CVE-2016-5437  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Log.

Vulnerable Software & Versions:

CVE-2016-5439  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Privileges.

Vulnerable Software & Versions: (show all)

CVE-2016-5440  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.

Vulnerable Software & Versions: (show all)

CVE-2016-5441  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Replication.

Vulnerable Software & Versions:

CVE-2016-5442  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Security: Encryption.

Vulnerable Software & Versions:

CVE-2016-5443  

Severity: Low
CVSS Score: 1.2 (AV:L/AC:H/Au:N/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows local users to affect availability via vectors related to Server: Connection.

Vulnerable Software & Versions:

CVE-2016-5444  

Severity: Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)

Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.

Vulnerable Software & Versions: (show all)

CVE-2016-5507  

Severity: Medium
CVSS Score: 6.8 (AV:N/AC:L/Au:S/C:N/I:N/A:C)

Unspecified vulnerability in Oracle MySQL 5.6.32 and earlier and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.

Vulnerable Software & Versions: (show all)

CVE-2016-5584  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:P/I:N/A:N)
CWE: CWE-200 Information Exposure

Unspecified vulnerability in Oracle MySQL 5.5.52 and earlier, 5.6.33 and earlier, and 5.7.15 and earlier allows remote administrators to affect confidentiality via vectors related to Server: Security: Encryption.

Vulnerable Software & Versions: (show all)

CVE-2016-5609  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote authenticated users to affect availability via vectors related to DML.

Vulnerable Software & Versions: (show all)

CVE-2016-5612  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.5.50 and earlier, 5.6.31 and earlier, and 5.7.13 and earlier allows remote authenticated users to affect availability via vectors related to DML.

Vulnerable Software & Versions: (show all)

CVE-2016-5624  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier allows remote authenticated users to affect availability via vectors related to DML.

Vulnerable Software & Versions:

CVE-2016-5625  

Severity: Medium
CVSS Score: 4.4 (AV:L/AC:M/Au:N/C:P/I:P/A:P)

Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows local users to affect confidentiality, integrity, and availability via vectors related to Server: Packaging.

Vulnerable Software & Versions: (show all)

CVE-2016-5626  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to GIS.

Vulnerable Software & Versions: (show all)

CVE-2016-5627  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote authenticated users to affect availability via vectors related to Server: InnoDB.

Vulnerable Software & Versions: (show all)

CVE-2016-5628  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: DML.

Vulnerable Software & Versions: (show all)

CVE-2016-5629  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Federated.

Vulnerable Software & Versions: (show all)

CVE-2016-5630  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.

Vulnerable Software & Versions: (show all)

CVE-2016-5631  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Memcached.

Vulnerable Software & Versions: (show all)

CVE-2016-5632  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Optimizer.

Vulnerable Software & Versions: (show all)

CVE-2016-5633  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Performance Schema, a different vulnerability than CVE-2016-8290.

Vulnerable Software & Versions: (show all)

CVE-2016-5634  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to RBR.

Vulnerable Software & Versions: (show all)

CVE-2016-5635  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Security: Audit.

Vulnerable Software & Versions: (show all)

CVE-2016-6662  

Severity: High
CVSS Score: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CWE: CWE-264 Permissions, Privileges, and Access Controls

Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1, 5.6.x before 5.6.32-78.0, and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib. NOTE: the affected MySQL version information is from Oracle's October 2016 CPU. Oracle has not commented on third-party claims that the issue was silently patched in MySQL 5.5.52, 5.6.33, and 5.7.15.

Vulnerable Software & Versions: (show all)

CVE-2016-6663  

Severity: Medium
CVSS Score: 4.4 (AV:L/AC:M/Au:N/C:P/I:P/A:P)
CWE: CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Race condition in Oracle MySQL before 5.5.52, 5.6.x before 5.6.33, 5.7.x before 5.7.15, and 8.x before 8.0.1; MariaDB before 5.5.52, 10.0.x before 10.0.28, and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.

Vulnerable Software & Versions: (show all)

CVE-2016-6664  

Severity: Medium
CVSS Score: 6.9 (AV:L/AC:M/Au:N/C:C/I:C/A:C)
CWE: CWE-59 Improper Link Resolution Before File Access ('Link Following')

mysqld_safe in Oracle MySQL through 5.5.51, 5.6.x through 5.6.32, and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17, when using file-based logging, allows local users with access to the mysql account to gain root privileges via a symlink attack on error logs and possibly other files.

Vulnerable Software & Versions: (show all)

CVE-2016-8283  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Types.

Vulnerable Software & Versions: (show all)

CVE-2016-8284  

Severity: Low
CVSS Score: 1.2 (AV:L/AC:H/Au:N/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows local users to affect availability via vectors related to Server: Replication.

Vulnerable Software & Versions: (show all)

CVE-2016-8286  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:P/I:N/A:N)
CWE: CWE-200 Information Exposure

Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows remote authenticated users to affect confidentiality via vectors related to Server: Security: Privileges.

Vulnerable Software & Versions:

CVE-2016-8287  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Replication.

Vulnerable Software & Versions:

CVE-2016-8288  

Severity: Medium
CVSS Score: 4.9 (AV:N/AC:M/Au:S/C:N/I:P/A:P)
CWE: CWE-284 Improper Access Control

Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect integrity via vectors related to Server: InnoDB Plugin.

Vulnerable Software & Versions: (show all)

CVE-2016-8289  

Severity: Low
CVSS Score: 3.3 (AV:L/AC:M/Au:N/C:N/I:P/A:P)
CWE: CWE-264 Permissions, Privileges, and Access Controls

Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows local users to affect integrity and availability via vectors related to Server: InnoDB.

Vulnerable Software & Versions:

CVE-2016-8290  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Performance Schema, a different vulnerability than CVE-2016-5633.

Vulnerable Software & Versions:

CVE-2016-8318  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that are affected are 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.8 (Availability impacts).

Vulnerable Software & Versions: (show all)

CVE-2016-8327  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.4 (Availability impacts).

Vulnerable Software & Versions: (show all)

CVE-2017-10165  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CWE: CWE-284 Improper Access Control

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Vulnerable Software & Versions:

CVE-2017-10167  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CWE: CWE-284 Improper Access Control

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.19 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Vulnerable Software & Versions:

CVE-2017-10227  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Vulnerable Software & Versions: (show all)

CVE-2017-10279  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Vulnerable Software & Versions: (show all)

CVE-2017-10284  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Stored Procedure). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Vulnerable Software & Versions:

CVE-2017-10296  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Vulnerable Software & Versions:

CVE-2017-10311  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: FTS). Supported versions that are affected are 5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Vulnerable Software & Versions:

CVE-2017-10313  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Group Replication GCS). Supported versions that are affected are 5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Vulnerable Software & Versions:

CVE-2017-10320  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Vulnerable Software & Versions:

CVE-2017-10365  

Severity: Medium
CVSS Score: 5.5 (AV:N/AC:L/Au:S/C:N/I:P/A:P)
CWE: CWE-284 Improper Access Control

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.0 Base Score 3.8 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L).

Vulnerable Software & Versions:

CVE-2017-3238  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).

Vulnerable Software & Versions: (show all)

CVE-2017-3243  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets). Supported versions that are affected are 5.5.53 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.4 (Availability impacts).

Vulnerable Software & Versions:

CVE-2017-3244  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).

Vulnerable Software & Versions: (show all)

CVE-2017-3251  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.16 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.9 (Availability impacts).

Vulnerable Software & Versions:

CVE-2017-3256  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CWE: CWE-20 Improper Input Validation

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).

Vulnerable Software & Versions:

CVE-2017-3257  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CWE: CWE-485 Insufficient Encapsulation

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.6.34 and earlier5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).

Vulnerable Software & Versions:

CVE-2017-3258  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CWE: CWE-20 Improper Input Validation

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).

Vulnerable Software & Versions: (show all)

CVE-2017-3265  

Severity: Medium
CVSS Score: 4.9 (AV:N/AC:M/Au:S/C:P/I:N/A:P)
CWE: CWE-284 Improper Access Control

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 5.6 (Confidentiality and Availability impacts).

Vulnerable Software & Versions: (show all)

CVE-2017-3273  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CWE: CWE-20 Improper Input Validation

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).

Vulnerable Software & Versions: (show all)

CVE-2017-3291  

Severity: Low
CVSS Score: 3.5 (AV:L/AC:H/Au:S/C:P/I:P/A:P)

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS v3.0 Base Score 6.3 (Confidentiality, Integrity and Availability impacts).

Vulnerable Software & Versions: (show all)

CVE-2017-3302  

Severity: Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CWE: CWE-284 Improper Access Control

Crash in libmysqlclient.so in Oracle MySQL before 5.6.21 and 5.7.x before 5.7.5 and MariaDB through 5.5.54, 10.0.x through 10.0.29, 10.1.x through 10.1.21, and 10.2.x through 10.2.3.

Vulnerable Software & Versions: (show all)

CVE-2017-3305  

Severity: Medium
CVSS Score: 6.3 (AV:N/AC:M/Au:S/C:C/I:N/A:N)
CWE: CWE-284 Improper Access Control

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: C API). Supported versions that are affected are 5.5.55 and earlier and 5.6.35 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N). NOTE: the previous information is from the April 2017 CPU. Oracle has not commented on third-party claims that this issue allows man-in-the-middle attackers to hijack the authentication of users by leveraging incorrect ordering of security parameter verification in a client, aka, "The Riddle".

Vulnerable Software & Versions: (show all)

CVE-2017-3308  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CWE: CWE-284 Improper Access Control

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is in MySQL Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).

Vulnerable Software & Versions: (show all)

CVE-2017-3309  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CWE: CWE-284 Improper Access Control

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is in MySQL Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).

Vulnerable Software & Versions: (show all)

CVE-2017-3312  

Severity: Low
CVSS Score: 3.5 (AV:L/AC:H/Au:S/C:P/I:P/A:P)
CWE: CWE-254 Security Features

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS v3.0 Base Score 6.7 (Confidentiality, Integrity and Availability impacts).

Vulnerable Software & Versions: (show all)

CVE-2017-3313  

Severity: Low
CVSS Score: 1.5 (AV:L/AC:M/Au:S/C:P/I:N/A:N)
CWE: CWE-200 Information Exposure

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: MyISAM). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS v3.0 Base Score 4.7 (Confidentiality impacts).

Vulnerable Software & Versions: (show all)

CVE-2017-3317  

Severity: Low
CVSS Score: 1.5 (AV:L/AC:M/Au:S/C:N/I:N/A:P)

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Logging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.0 (Availability impacts).

Vulnerable Software & Versions: (show all)

CVE-2017-3318  

Severity: Low
CVSS Score: 1.0 (AV:L/AC:H/Au:S/C:P/I:N/A:N)
CWE: CWE-284 Improper Access Control

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Error Handling). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS v3.0 Base Score 4.0 (Confidentiality impacts).

Vulnerable Software & Versions: (show all)

CVE-2017-3319  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:P/I:N/A:N)
CWE: CWE-200 Information Exposure

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: X Plugin). Supported versions that are affected are 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS v3.0 Base Score 3.1 (Confidentiality impacts).

Vulnerable Software & Versions:

CVE-2017-3320  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:P/I:N/A:N)
CWE: CWE-284 Improper Access Control

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that are affected are 5.7.16 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS v3.0 Base Score 2.4 (Confidentiality impacts).

Vulnerable Software & Versions:

CVE-2017-3329  

Severity: Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CWE: CWE-284 Improper Access Control

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Thread Pooling). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).

Vulnerable Software & Versions: (show all)

CVE-2017-3450  

Severity: Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CWE: CWE-284 Improper Access Control

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Supported versions that are affected are 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).

Vulnerable Software & Versions: (show all)

CVE-2017-3452  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CWE: CWE-284 Improper Access Control

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.35 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Vulnerable Software & Versions:

CVE-2017-3453  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CWE: CWE-284 Improper Access Control

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Vulnerable Software & Versions: (show all)

CVE-2017-3454  

Severity: Medium
CVSS Score: 5.5 (AV:N/AC:L/Au:S/C:N/I:P/A:P)
CWE: CWE-284 Improper Access Control

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.7.17 and earlier. Easily "exploitable" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).

Vulnerable Software & Versions:

CVE-2017-3455  

Severity: Medium
CVSS Score: 5.5 (AV:N/AC:L/Au:S/C:P/I:P/A:N)
CWE: CWE-284 Improper Access Control

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N).

Vulnerable Software & Versions:

CVE-2017-3456  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CWE: CWE-284 Improper Access Control

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Vulnerable Software & Versions: (show all)

CVE-2017-3457  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CWE: CWE-284 Improper Access Control

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.17 and earlier. Easily "exploitable" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Vulnerable Software & Versions:

CVE-2017-3458  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CWE: CWE-284 Improper Access Control

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.17 and earlier. Easily "exploitable" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Vulnerable Software & Versions:

CVE-2017-3459  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CWE: CWE-284 Improper Access Control

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.17 and earlier. Easily "exploitable" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Vulnerable Software & Versions:

CVE-2017-3460  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CWE: CWE-284 Improper Access Control

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Audit Plug-in). Supported versions that are affected are 5.7.17 and earlier. Easily "exploitable" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Vulnerable Software & Versions:

CVE-2017-3461  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CWE: CWE-284 Improper Access Control

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Vulnerable Software & Versions: (show all)

CVE-2017-3462  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CWE: CWE-284 Improper Access Control

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Vulnerable Software & Versions: (show all)

CVE-2017-3463  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CWE: CWE-284 Improper Access Control

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Vulnerable Software & Versions: (show all)

CVE-2017-3464  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:P/A:N)
CWE: CWE-284 Improper Access Control

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).

Vulnerable Software & Versions: (show all)

CVE-2017-3465  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:P/A:N)
CWE: CWE-284 Improper Access Control

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).

Vulnerable Software & Versions:

CVE-2017-3467  

Severity: Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)
CWE: CWE-284 Improper Access Control

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: C API). Supported versions that are affected are 5.7.17 and earlier. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).

Vulnerable Software & Versions:

CVE-2017-3468  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:P/A:N)
CWE: CWE-284 Improper Access Control

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that are affected are 5.7.17 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 3.1 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N).

Vulnerable Software & Versions:

CVE-2017-3529  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)
CWE: CWE-284 Improper Access Control

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: UDF). Supported versions that are affected are 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).

Vulnerable Software & Versions:

CVE-2017-3599  

Severity: High
CVSS Score: 7.8 (AV:N/AC:L/Au:N/C:N/I:N/A:C)
CWE: CWE-284 Improper Access Control

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Pluggable Auth). Supported versions that are affected are 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). NOTE: the previous information is from the April 2017 CPU. Oracle has not commented on third-party claims that this issue is an integer overflow in sql/auth/sql_authentication.cc which allows remote attackers to cause a denial of service via a crafted authentication packet.

Vulnerable Software & Versions: (show all)

CVE-2017-3600  

Severity: Medium
CVSS Score: 6.0 (AV:N/AC:M/Au:S/C:P/I:P/A:P)
CWE: CWE-284 Improper Access Control

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in takeover of MySQL Server. Note: CVE-2017-3600 is equivalent to CVE-2016-5483. CVSS 3.0 Base Score 6.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H).

Vulnerable Software & Versions: (show all)

CVE-2017-3633  

Severity: Medium
CVSS Score: 5.8 (AV:N/AC:M/Au:N/C:N/I:P/A:P)
CWE: CWE-284 Improper Access Control

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Memcached to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 6.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H).

Vulnerable Software & Versions: (show all)

CVE-2017-3634  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CWE: CWE-284 Improper Access Control

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Vulnerable Software & Versions: (show all)

CVE-2017-3635  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)
CWE: CWE-284 Improper Access Control

Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/C). Supported versions that are affected are 6.1.10 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Connectors. Note: The documentation has also been updated for the correct way to use mysql_stmt_close(). Please see: https://dev.mysql.com/doc/refman/5.7/en/mysql-stmt-execute.html, https://dev.mysql.com/doc/refman/5.7/en/mysql-stmt-fetch.html, https://dev.mysql.com/doc/refman/5.7/en/mysql-stmt-close.html, https://dev.mysql.com/doc/refman/5.7/en/mysql-stmt-error.html, https://dev.mysql.com/doc/refman/5.7/en/mysql-stmt-errno.html, and https://dev.mysql.com/doc/refman/5.7/en/mysql-stmt-sqlstate.html. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).

Vulnerable Software & Versions: (show all)

CVE-2017-3636  

Severity: Medium
CVSS Score: 4.6 (AV:L/AC:L/Au:N/C:P/I:P/A:P)
CWE: CWE-284 Improper Access Control

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.56 and earlier and 5.6.36 and earlier. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L).

Vulnerable Software & Versions: (show all)

CVE-2017-3637  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)
CWE: CWE-284 Improper Access Control

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: X Plugin). Supported versions that are affected are 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).

Vulnerable Software & Versions:

CVE-2017-3638  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CWE: CWE-284 Improper Access Control

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Vulnerable Software & Versions:

CVE-2017-3639  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CWE: CWE-284 Improper Access Control

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Vulnerable Software & Versions:

CVE-2017-3640  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CWE: CWE-284 Improper Access Control

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Vulnerable Software & Versions:

CVE-2017-3641  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CWE: CWE-284 Improper Access Control

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Vulnerable Software & Versions: (show all)

CVE-2017-3642  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CWE: CWE-284 Improper Access Control

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Vulnerable Software & Versions:

CVE-2017-3643  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CWE: CWE-284 Improper Access Control

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Vulnerable Software & Versions:

CVE-2017-3644  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CWE: CWE-284 Improper Access Control

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Vulnerable Software & Versions:

CVE-2017-3645  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CWE: CWE-284 Improper Access Control

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Vulnerable Software & Versions:

CVE-2017-3646  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CWE: CWE-284 Improper Access Control

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: X Plugin). Supported versions that are affected are 5.7.16 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Vulnerable Software & Versions:

CVE-2017-3647  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CWE: CWE-284 Improper Access Control

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).

Vulnerable Software & Versions: (show all)

CVE-2017-3648  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CWE: CWE-284 Improper Access Control

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).

Vulnerable Software & Versions: (show all)

CVE-2017-3649  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CWE: CWE-284 Improper Access Control

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).

Vulnerable Software & Versions: (show all)

CVE-2017-3650  

Severity: Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)
CWE: CWE-284 Improper Access Control

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: C API). Supported versions that are affected are 5.7.18 and earlier. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).

Vulnerable Software & Versions:

CVE-2017-3651  

Severity: Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:P/A:N)
CWE: CWE-284 Improper Access Control

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).

Vulnerable Software & Versions: (show all)

CVE-2017-3652  

Severity: Medium
CVSS Score: 4.9 (AV:N/AC:M/Au:S/C:P/I:P/A:N)
CWE: CWE-284 Improper Access Control

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 4.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N).

Vulnerable Software & Versions: (show all)

CVE-2017-3653  

Severity: Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:P/A:N)
CWE: CWE-284 Improper Access Control

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 3.1 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N).

Vulnerable Software & Versions: (show all)

jffi-1.2.9-native.jar: jffi-1.2.dll

File Path: /root/.m2/repository/com/github/jnr/jffi/1.2.9/jffi-1.2.9-native.jar/jni/x86_64-Windows/jffi-1.2.dll
MD5: 5d80b61c1f9e31860c17b3a410948e7e
SHA1: 5ca292116336ee4ceed00d10e756afea580e62cf
Referenced In Project/Scope: headerbuddy:runtime

Identifiers

  • None

jffi-1.2.9-native.jar: jffi-1.2.dll

File Path: /root/.m2/repository/com/github/jnr/jffi/1.2.9/jffi-1.2.9-native.jar/jni/i386-Windows/jffi-1.2.dll
MD5: 841e60814ed6b2971a47b267aef1c58a
SHA1: 07d30c6407fefad8df4b6afc4d85f83e547975ca
Referenced In Project/Scope: headerbuddy:runtime

Identifiers

  • None

docker-client-8.7.1-shaded.jar/META-INF/maven/com.fasterxml.jackson.core/jackson-core/pom.xml

Description: Core Jackson abstractions, basic JSON streaming API implementation

File Path: /root/.m2/repository/com/spotify/docker-client/8.7.1/docker-client-8.7.1-shaded.jar/META-INF/maven/com.fasterxml.jackson.core/jackson-core/pom.xml
MD5: 8699dbe23c10ca05ecb02e0b31c88aeb
SHA1: 39fc72c2d4b4370bda4767d66dfe5ce82cffdb79

Identifiers

  • cpe: cpe:/a:fasterxml:jackson:2.8.8   Confidence:Low   
  • maven: com.fasterxml.jackson.core:jackson-core:2.8.8   Confidence:High

docker-client-8.7.1-shaded.jar/META-INF/maven/org.glassfish.jersey.core/jersey-client/pom.xml

Description: Jersey core client implementation

File Path: /root/.m2/repository/com/spotify/docker-client/8.7.1/docker-client-8.7.1-shaded.jar/META-INF/maven/org.glassfish.jersey.core/jersey-client/pom.xml
MD5: 085f09a3b5576a0cb1ca76544e3cca29
SHA1: fa1cdb5a11f1d52b289f208e90589d73e5fe8352

Identifiers

  • maven: org.glassfish.jersey.core:jersey-client:2.22.2   Confidence:High

docker-client-8.7.1-shaded.jar/META-INF/maven/org.glassfish.jersey.core/jersey-common/pom.xml

Description: Jersey core common packages

File Path: /root/.m2/repository/com/spotify/docker-client/8.7.1/docker-client-8.7.1-shaded.jar/META-INF/maven/org.glassfish.jersey.core/jersey-common/pom.xml
MD5: a599c8c931317ddec5c36441fdd94266
SHA1: 44e0358bbf754ed4982b84ce10e5304e2a414ef4

Identifiers

  • maven: org.glassfish.jersey.core:jersey-common:2.22.2   Confidence:High

docker-client-8.7.1-shaded.jar/META-INF/maven/javax.annotation/javax.annotation-api/pom.xml

Description: Common Annotations for the JavaTM Platform API

License:

CDDL + GPLv2 with classpath exception: https://glassfish.dev.java.net/nonav/public/CDDL+GPL.html
File Path: /root/.m2/repository/com/spotify/docker-client/8.7.1/docker-client-8.7.1-shaded.jar/META-INF/maven/javax.annotation/javax.annotation-api/pom.xml
MD5: 11204d5fb5c6aa1ae5948f22a37a2795
SHA1: d90e6c7f83898fe30f83aeaf4d411285f970a433

Identifiers

  • maven: javax.annotation:javax.annotation-api:1.2   Confidence:High
  • cpe: cpe:/a:id:id-software:1.2   Confidence:Low   

docker-client-8.7.1-shaded.jar/META-INF/maven/org.glassfish.jersey.bundles.repackaged/jersey-guava/pom.xml

Description: Jersey Guava Repackaged

File Path: /root/.m2/repository/com/spotify/docker-client/8.7.1/docker-client-8.7.1-shaded.jar/META-INF/maven/org.glassfish.jersey.bundles.repackaged/jersey-guava/pom.xml
MD5: 9a0870bf6408639cceacc3dee6cfa907
SHA1: a87856dc87ffef07114f5b6ea8c2c429d49ef271

Identifiers

  • maven: org.glassfish.jersey.bundles.repackaged:jersey-guava:2.22.2   Confidence:High

docker-client-8.7.1-shaded.jar/META-INF/maven/org.glassfish.hk2/hk2-api/pom.xml

Description: ${project.name}

File Path: /root/.m2/repository/com/spotify/docker-client/8.7.1/docker-client-8.7.1-shaded.jar/META-INF/maven/org.glassfish.hk2/hk2-api/pom.xml
MD5: b5ed2d797f6bca1487e6c276317ebc82
SHA1: 9d74dd728b614da6fe3a8cf85c360fc9a0118a63

Identifiers

  • maven: org.glassfish.hk2:hk2-api:2.4.0-b34   Confidence:High

docker-client-8.7.1-shaded.jar/META-INF/maven/org.jvnet/tiger-types/pom.xml

File Path: /root/.m2/repository/com/spotify/docker-client/8.7.1/docker-client-8.7.1-shaded.jar/META-INF/maven/org.jvnet/tiger-types/pom.xml
MD5: 51329dba505e7cc4a9bc2719cf195be0
SHA1: 5855a7ee03b816073c2b448bce93319bd71f7029

Identifiers

  • maven: org.jvnet:tiger-types:1.4   Confidence:High

docker-client-8.7.1-shaded.jar/META-INF/maven/org.glassfish.hk2/hk2-utils/pom.xml

Description: ${project.name}

File Path: /root/.m2/repository/com/spotify/docker-client/8.7.1/docker-client-8.7.1-shaded.jar/META-INF/maven/org.glassfish.hk2/hk2-utils/pom.xml
MD5: 4466ecc3437fd38cb0f0dcae536a9f1c
SHA1: c2206f30ce8a8ff8895614cab9163c03897bf5bd

Identifiers

  • maven: org.glassfish.hk2:hk2-utils:2.4.0-b34   Confidence:High

docker-client-8.7.1-shaded.jar/META-INF/maven/org.glassfish.hk2.external/aopalliance-repackaged/pom.xml

File Path: /root/.m2/repository/com/spotify/docker-client/8.7.1/docker-client-8.7.1-shaded.jar/META-INF/maven/org.glassfish.hk2.external/aopalliance-repackaged/pom.xml
MD5: 6329fe94f6528ac0805f221c392a27bb
SHA1: 6c33a2d0185a9f1c1f9310570baf11624b28ecd4

Identifiers

  • maven: org.glassfish.hk2.external:aopalliance-repackaged:2.4.0-b34   Confidence:High

docker-client-8.7.1-shaded.jar/META-INF/maven/org.glassfish.hk2.external/javax.inject/pom.xml

Description: Injection API (JSR 330) version ${javax.inject.version} repackaged as OSGi bundle

File Path: /root/.m2/repository/com/spotify/docker-client/8.7.1/docker-client-8.7.1-shaded.jar/META-INF/maven/org.glassfish.hk2.external/javax.inject/pom.xml
MD5: 8384dce4d1680f2e8ce90d68e8f31fab
SHA1: ebb938fcb872a7b5e95e4993067e81293567af21

Identifiers

  • maven: org.glassfish.hk2.external:javax.inject:2.4.0-b34   Confidence:High

docker-client-8.7.1-shaded.jar/META-INF/maven/org.glassfish.hk2/hk2-locator/pom.xml

Description: ${project.name}

File Path: /root/.m2/repository/com/spotify/docker-client/8.7.1/docker-client-8.7.1-shaded.jar/META-INF/maven/org.glassfish.hk2/hk2-locator/pom.xml
MD5: c93e64886fed06279f0fc3227d4181ce
SHA1: 653de9a6dd7758f00bfa19a4bc0a16ab29bb47f2

Identifiers

  • maven: org.glassfish.hk2:hk2-locator:2.4.0-b34   Confidence:High

docker-client-8.7.1-shaded.jar/META-INF/maven/org.glassfish.jersey.media/jersey-media-json-jackson/pom.xml

Description:  Jersey JSON Jackson (2.x) entity providers support module.

File Path: /root/.m2/repository/com/spotify/docker-client/8.7.1/docker-client-8.7.1-shaded.jar/META-INF/maven/org.glassfish.jersey.media/jersey-media-json-jackson/pom.xml
MD5: f8dab756323726c59048a9ef8aa5cdf2
SHA1: 0f525bd88f9a26a31d89903f4321330e0ee76cb7

Identifiers

  • maven: org.glassfish.jersey.media:jersey-media-json-jackson:2.22.2   Confidence:High

docker-client-8.7.1-shaded.jar/META-INF/maven/org.glassfish.jersey.ext/jersey-entity-filtering/pom.xml

Description:  Jersey extension module providing support for Entity Data Filtering.

File Path: /root/.m2/repository/com/spotify/docker-client/8.7.1/docker-client-8.7.1-shaded.jar/META-INF/maven/org.glassfish.jersey.ext/jersey-entity-filtering/pom.xml
MD5: e368931c4ecc5918bf2f4ed134f6996e
SHA1: 9a4614d53d44db1b1ad03271a345f69b2908d902

Identifiers

  • maven: org.glassfish.jersey.ext:jersey-entity-filtering:2.22.2   Confidence:High


This report contains data retrieved from the National Vulnerability Database.
This report may contain data retrieved from the Node Security Platform.